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Abstract 



Left-sequential logics provide a means for reasoning about (closed) propositional terms with 
atomic propositions that may have side effects and that are evaluated sequentially from left to 
right. Such propositional terms are commonly used in programming languages to direct the flow 
of a program. In this thesis we explore two such left-sequential logics. First we discuss Fully 
Evaluated Left-Sequential Logic, which employs a full evaluation strategy, i.e., to evaluate a term 
every one of its atomic propositions is evaluated causing its possible side effects to occur. We 
then turn to Short-Circuit (Left-Sequential) Logic as presented in [BPlOb], where the evaluation 
may be 'short-circuited', thus preventing some, if not all, of the atomic propositions in a term 
being evaluated. We propose evaluation trees as a natural semantics for both logics and provide 
axiomatizations for the least identifying variant of each. From this, we define a logic with 
connectives that prescribe a full evaluation strategy as well as connectives that prescribe a short- 
circuit evaluation strategy. 
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CHAPTER 1 



Introduction 



In computer programming it is common to use prepositional terms to control the flow of a 
program. These expressions occur for example in if and while statements. Although at first 
sight it might appear as though these expressions are terms of a Boolean algebra, it turns out 
that their semantics are not governed by ordinary Propositional Logic (PL). The reason is that 
many programming languages allow arbitrary instructions, e.g., method calls, to occur as atomic 
propositions in such terms. Those instructions may have side effects. Therefore the truth value 
of a term may depend on the state of the execution environment, e.g., the operating system or 
the Java Virtual Machine. This state in turn can also be altered by the evaluation of (part of) 
a term. For example, in the term x && y, a side effect of the evaluation of x may be that any 
subsequent evaluation of y yields false. In that case x && y will yield false, while y && x may 
yield true, i.e., conjunction is no longer commutative. 

This shows that, unlike in PL, the evaluation strategy that is used impacts the truth values 
of terms. Most programming languages evaluate such terms sequentially from left to right. We 
refer to such an evaluation strategy as a left- sequential evaluation strategy. In addition, some 
programming languages offer connectives that are evaluated using a short-circuit (left-sequential) 
evaluation strategy, such as && and I I in the Java programming language, see, e.g., [AGH06]. 
A short-circuit evaluation strategy is one that evaluates only as much of a propositional term 
as is necessary to determine its truth value. For example, when evaluating the term x && y, 
if x evaluates to false, the entire term will be false, regardless of the truth value of y. In that 
case the evaluation is 'short-circuited' and y is never evaluated. An evaluation strategy that 
always evaluates terms in their entirety is called a full (left-sequential) evaluation strategy. In 
Java, for example, the connectives & and I are evaluated using a full evaluation strategy. Some 
languages provide both short-circuited and full versions of the binary connectives, as Java does, 
thus allowing the programmer to write terms that prescribe a mixed evaluation strategy. 

In [BP 11], Bcrgstra and Ponse introduce Proposition Algebra as a means for reasoning about 
sequential evaluations of propositional terms using a ternary conditional connective, y < x > z, 
to be read as 'if x then y else z\ In [BPlOb], they define Short-Circuit Logic (SCL) in terms 
of Proposition Algebra using left-sequential versions of the standard logical connectives. SCL 
formalizes equality between propositional terms that are evaluated with a short-circuit evaluation 
strategy. They use -i for negation, V for (short-circuit) left-sequential disjunction and J\ for 
(short-circuit) left-sequential conjunction. The position of the circle indicates the direction of 
the evaluation, i.e., from left to right. The negation symbol does not have a circle, because it 
has only one possible evaluation strategy, i.e., evaluate the negated subterm and then negate the 
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result. Several variants of SCL are described in [BPlOb], ranging from the least identifying, Free 
SCL (FSCL), to the most identifying, Static SCL, which corresponds to PL. The only difference 
between Static SCL and PL is that the connectives in Static SCL are left-sequential and that 
the evaluation is short-circuited. Several semantics have been given for SCL, such as valuation 
congruences [BP11], Hoare-McCarthy algebras [BPlOa] and truth tables [Ponll]. 

In [Bloll] Blok first defined Fully Evaluated Left- Sequential Logic, or Fully Evaluated Logic 
(FEL) for short. FEL is used for dealing with terms that are to be evaluated using a full 
evaluation strategy. Blok refers to this logic as Side-Effecting Logic, but we prefer the name 
FEL so that we do not implicitly discount SCL as a logic that can be used for reasoning about 
side effects. To allow for a mixed setting of FEL and SCL, we must distinguish the symbols used 
in FEL-terms from those of Bergstra and Ponse. We use /\ for full left-sequential conjunction 
and V for full left-sequential disjunction. We still use for negation, because it is evaluated 
with the same strategy as in SCL. We can now view the open circles in J\ and V as indicating 
short-circuiting while the closed circles of /\ and V indicate full evaluations. No variants of FEL 
other than Free FEL (FFEL) have yet been formally defined. 

In this thesis we will also define a logic for reasoning about propositional terms that contain 
both short-circuit left-sequential connectives and full left-sequential connectives. We refer to a 
logic that offers both types of connectives as a general left-sequential logic. 

The main differences between these left-sequential logics and PL is that they employ a left- 
sequential evaluation strategy and that their atoms may have side effects. We note that logics 
employing right-sequential evaluation strategies can easily be expressed in terms of their left- 
sequential counterparts. We study the left-sequential versions because most programming lan- 
guages are oriented left-to-right, mainly due to having been developed in the Western world. 
Although side effects are well understood in programming, see e.g., [BW96] or [Nor97], they 
are often explained without a general formal definition. In Chapter 5 we will substantiate our 
claim that these logics can be used to formally reason about propositional terms whose atoms 
may have side effects. We note that both SCL and FEL are sublogics of PL, in the sense that 
they identify fewer propositions, i.e., closed terms, although both have extreme variants that are 
equivalent with PL. 

We start in Chapter 2 by formally introducing FFEL and the set of equations EqFFEL. We 
prove that EqFFEL is an axiomatization of FFEL. In Chapter 3 we introduce FSCL SE as an 
alternative semantics for the Proposition Algebra semantics of FSCL. We also discuss the set 
of equations EqFSCL and prove that it axiomatizes FSCL SE . In Section 4.2 we prove that it 
also axiomatizes FSCL. Chapters 2 and 3 are written to be self-contained, hence there is some 
duplication of definitions and narrative. In Chapter 4 we investigate the relations between FFEL 
and FSCL. We show in Section 4.1 that FFEL can also be expressed in terms of Proposition 
Algebra. In Section 4.2 we prove that FSCL SE is equivalent to FSCL. In Section 4.3 we show 
that FFEL is a sublogic of FSCL and use this fact to define a general left-sequential logic. We 
conclude with some final remarks and provide an outlook for further study in Chapter 5. 
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CHAPTER 2 



Free Fully Evaluated Logic 

(FFEL) 



In this chapter we define Free Fully Evaluated Left-Sequential Logic, or Free Fully Evaluated 
Logic (FFEL) for short, and the set of equations EqFFEL, which we will prove axiomatizes FFEL 
in Section 2.3. We start by defining FEL-terms, which are built up from atomic propositions, 
referred to as atoms, the truth value constants T for true and F for false and the connectives 
for negation, /\ for full left-sequential conjunction and V for full left-sequential disjunction. 

Definition 2.1. Let A be a countable set of atoms. FEL-terms (FT) have the following 
grammar presented in Backus-Naur Form. 

PeFT::=aeA | T | F | ^P | (P J\ P) | (P V P) 

If A = then the resulting logic is trivial. 

Let us return for a moment to our motivation for left-sequential logics, i.e., propositional 
terms as used in programming languages. We will consider the FEL-tcrm a V b and informally 
describe its evaluation, naturally using a full evaluation strategy. We start by evaluating a and 
let its yield determine our next action. If a yielded F we proceed by evaluating b, i.e., the yield 
of the term as a whole will be the yield of b. If a yielded T, we already know at this point that 
a V b will yield T. We still evaluate b though, but ignore its yield and instead have the term 
yield T. Evaluating a subterm even though its yield is not needed to determine the yield of the 
term as a whole is the quintessence of a full evaluation strategy. 

Considering the more complex term (a V b) /\ c, we find that we start by evaluating a V b 
and if it yielded T we proceed by evaluating c. If it yielded F we still evaluate c, even though 
we know that the term as a whole will now yield F. The discussion of the evaluations of these 
terms may have evoked images of trees in the mind of the reader. We will indeed define equality 
of FEL-terms using (evaluation) trees. We define the set T of binary trees over A with leaves in 
{T, F} recursively. We have that 

T £ T, F £ T, and (X <a>Y) £T for any X, Y £ T and a £ A. 

In the expression X < a > Y the root is represented by a, the left branch by X and the right 
branch by Y. As is common, the depth of a tree X is defined recursively by d(T) = d(F) = 
and for all a £ A, d(Y < a > Z) = 1 + max(d(Y), d{Z)). Our reason for choosing this particular 
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notation for trees, out of the many that exist, is explained in Chapter 4. We shall refer to trees 
in T as evaluation trees, or simply trees for short. Figure 2.1 shows the trees corresponding to 
the evaluations of (a V b) J\ c and (a J\ b) V c. 

Returning to our example, we have seen that the tree corresponding to the evaluation of 
(a V b) J\ c can be composed from the tree corresponding to the evaluation of a V b and that 
corresponding to the evaluation of c. We said above that if a V b yielded T, we would proceed 
with the evaluation of c. This can be seen as replacing each T-leaf in the tree corresponding 
to the evaluation of a V b with the tree that corresponds to the evaluation of c. Formally 
we define the leaf replacement operator, 'replacement' for short, on trees in T as follows. Let 
X, X',X",Y, Z £ T and a £ A. The replacement of T with Y and F with Z in X, denoted 
X [T i->- Y, F i->- Z] , is defined recursively as 

T[T m. Y, F ^ Z] = Y 
F[T h> F, F h> Z] = Z 
(X' < a > X")[T i — > Y, F i — y Z\ = X'[T ^Y,F ^ Z}<a> X"[T hY,Fh Z]. 

We note that the order in which the replacements of the leaves of X is listed inside the brackets 
is irrelevant. We will adopt the convention of not listing any identities inside the brackets, i.e., 

X[F ^Y}= X[T h> T, F h> 7], 

Furthermore we let replacements associate to the left. We also use that fact that 

X[T i — > y] [F i — > Z\ = X[T i — > y, F i — > z\ 
if Y does not contain F, which can be shown by a trivial induction. Similarly, 

X[F i — y Z] [T i — y Y\ = X[T i — y y, F i — y Z\ 

if Z docs not contain T. We now have the terminology and notation to formally define the 
evaluation of FEL-tcrms. 

Definition 2.2. Let A be a countable set of atoms and let T be the set of all finite binary trees 
over A with leaves in {T, F}. We define the unary Full Evaluation function fe : FT — > T as: 

fe(T) = T 
fe(F) = F 

fe (a) = T < a > F for a e A 

fe(^P) = fe(P)[T h^F,F^T] 
fe(P J\Q) = fe(P)[T fe(Q), F fe(Q)[T ^ F]] 
fe(P V Q) = fe(P)[T ^ fe(Q)[F ^T],Fh> fe(Q)]. 

Note that because we require A to be a set, T is also a set. By a trivial induction we can 
show that all trees in the image of fe are perfect binary trees, i.e., all their paths are of equal 
length. As we can see from the definition on atoms, the evaluation continues in the left branch 
if an atom yields T and in the right branch if it yields F. Revisiting our example once more, 
we indeed see how the evaluation of a V b is composed of the evaluation of a followed by the 
evaluation of b in case a yields F and by the evaluation of b, but with a constant yield of T, in 
case a yields T. We can compute fe (a V b) as follows. 

fe (a V b) = (T < a > F)[T ^ (T < b > F)[F i-> T] , F i-> (T < 6 > F)] 
= (T < a > F)[T (T < b > T), F ^ (T < b > F)] 
= (T < b > T) < a > (T < b > F) 
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Now the evaluation of (a V b) /\ c is a composition of this tree and T < c > F, as can be seen in 
Figure 2.1b. 




Figure 2.1: Trees depicting the evaluation of two FEL-terms. The evaluation starts at the 
root. When (the atom at) an inner node yields T the evaluation continues in its left branch 
and when it yields F it continues in its right branch. The leaves indicate the yield of the 
terms as a whole. 



Informally we see that two FEL-terms are equal when they not only yield the same truth 
value given the truth values of their constituent atoms, but also contain the same atoms in the 
same order. Consider for example the terms a and a J\ (b V T) and note that the truth value 
of both is determined entirely by the truth value of a. Also note that since b occurs after a in 
the second term, no side effect of b could ever affect a. When both terms would be placed in the 
context of another term, e.g., a /\ c and (a J\ (6VT))/ic, the situation changes. A side effect 
of b might, for example, be that c will yield F. In that case the truth value of the first term is 
determined by a and c, while that of the second term is always F. We are now ready to define 
Fully Evaluated Left-Sequential Logic. 

Definition 2.3. A Fully Evaluated Left- Sequential Logic (FEL) is a logic that satisfies 
the consequences of fe- equality. Free Fully Evaluated Left- Sequential Logic (FFEL) is the 

fully evaluated left-sequential logic that satisfies no more consequences than those of fe- equality, 
i.e., for all P,Q e FT, 

FEL \= P = Q <= fe(P) = fe(Q) and FFEL N P = Q fe(P)=fe(Q). 

It is not considered standard to define a logic equationally, but in this case we feel it is 
warranted to avoid having to mix the connectives from PL with those from FEL. 

There is an immediate correspondence between trees and sets of traces, namely the paths of 
such trees annotated with the truth value of each internal node. For example, Figure 2.1a would 
correspond to the set of traces 

{(aT6TcT, T), (aT6TcF, T), (aT&FcT, T), (aT&FcF, F), 
(aFfeTcT, T), (aF&TcF, F), (aF&FcT, T), (aFfeFcF, F)}. 

This means we could have defined the image of fe to be sets of such annotated traces. We chose 
to define FEL with tree semantics rather than with trace semantics because the former affords 
us a more succinct notation. 

We now turn to the set of equations EqFFEL, listed in Table 2.1, which we will show in 
Section 2.3 is an axiomatization of FFEL. This set of equations was first presented by Blok in 
[Bloll]. 
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F = 


(FEL1) 




(FEL2) 


-^^x = X 


(FEL3) 


{xj\y)j\z = xj\(yj\z) 


(FEL4) 


T J\ x — x 


(FEL5) 


x J\ T = x 


(FEL6) 


x J\ F = F J\ x 


(FEL7) 


x J\ F = -^x J\ F 


(FEL8) 


(x J\ F) V y = (x V T) /\ y 


(FEL9) 


x V (y J\ F) = x J\ (y V T) 


(FEL10) 



Table 2.1: The set of equations EqFFEL. 
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If two FEL-terms s and t, possibly containing variables, are derivable by equational logic and 
EqFFEL, we denote this by EqFFEL \- s ~ t and say that s and t are derivably equal. By virtue 
of (FEL1) through (FEL3), /\ is the dual of V and hence the duals of the equations in EqFFEL 
are also derivable. We will use this fact implicitly throughout our proofs. 

The following lemma shows some useful equations illustrating the special properties of terms 
of the form x J\ F and x \ T. The first is an 'extension' of (FEL8) and the others show two 
different ways how terms of the form iVT, and by duality terms of the form x J\ F, can change 
the main connective of a term. 

Lemma 2.4. The following equations can all be derived by equational logic and EqFFEL. 

1. x J\ (y J\ F) = -nx J\ (y J\ F) 

2. (x V T) J\ y — —i(x V T) V y 

3. x \ {y J\(z\ T)) = (x V y) J\ (z V T) 
Proof. We derive the equations in order. 

x J\ (y J\ F) = (x J\ F) /\ y by (FEL7) and (FEL4) 

= (->x J\ F ) J\ V by (FEL8) 

= ~>x J\ (y J\ F) by (FEL7) and (FEL4) 

(x V T) J\ y = (x J\ F) V y by (FEL9) 

= (ni^F)Vi/ by (FEL8) 

= (-.a; J\ -.T) V y by (FEL1) 

= -.(a; V T) V y by (FEL3) and (FEL2) 

x V (y J\ (z V T)) = x V (y V (z J\ F)) by (FEL10) 

= (x V y) V (z J\ F) by the dual of (FEL4) 

= (x V y) J\ [z V T) by (FEL10) □ 

Theorem 2.5. For all P,Q e FT, if EqFFEL hP = Q then FFEL N P = Q. 

Proof. It is immediately clear that identity, symmetry and transitivity are preserved. For con- 
gruence we show only that for all P, Q, P e FT, FFEL \= P = Q implies FFEL \= R/\P = R/\Q. 
The other cases proceed in a similar fashion. If FFEL \= P = Q, then fe(P) = fe(Q) and hence 
fe (P) [Th) F] = fe (Q) [T i— )• F] , so 

fe (P) [T ^ fe(P), F i-> fe(P)[T F]] = fe (P) [T ^ fe(Q), F ^ fe(Q)[T ^ F]]. 

Therefore by definition of fe, FFEL \=Rj\P = Rj\Q. 

The validity of the equations in EqFFEL is also easily verified. As an example we show this 
for (FEL8). 

fe(P/\ F) = fe(P)[T h4F,F^F[T^ F]] by definition 

= fe(P)[T F] because F[T^F] = F 

= fe (P) [T^ F,Fi^T][Th4 F] by induction 

= fe(-P/\ F), 

where the induction that proves the third equality is on the structure of evaluation trees. □ 
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2.1 FEL Normal Form 



To aid in our completeness proof we define a normal form for FEL-tcrms. Due to the possible 
presence of side effects, FFEL does not identify terms which contain different atoms or the 
same atoms in a different order. Because of this, common normal forms for PL are not normal 
forms for FEL-tcrms. For example, rewriting a term to Conjunctive Normal Form or Disjunctive 
Normal Form may require duplicating some of the atoms in the term, thus yielding a term that 
is not derivably equal to the original. We first present the grammar for our normal form, before 
motivating it. The normal form we present here is an adaptation of a normal form proposed by 
Blok in [Bloll]. 

Definition 2.6. A term P € FT is said to be in FEL Normal Form (FNF) if it is generated 
by the following grammar. 



P e FNF : 


:=P T 


| P F | P T J\P* 


p* . 


:= P c 


| P d 


P c : 


:=P e 


| P* J\P d 


pd . 


:=P l 


| P* V P c 


P l : 


:= aj\ 


P T | -na^P 7 


P T : 


:=T | 


a\P T 


P F : 


:= F | 


a^P F , 



where a e A. We refer to P* -forms as *-terms, to P l -forms as l-terms, to P T -forms as J -terms 
and to P f -forms as F -terms. A term of the form P T J\ P* is referred to as a T-*-term. 

We immediately note that if it were not for the presence of T and F we could define a much 
simpler normal form. In that case it would suffice to 'push in' or 'push down' the negations, thus 
obtaining a Negation Normal Form, as exists for PL. Naturally if our set A of atoms is empty, 
the truth value constants would be a normal form. 

When considering the image of fe we note that some trees only have T-leaves, some only have 
F-leaves and some have both T-leaves and F-leaves. For any FEL-term P, fe (P V T) is a tree 
with only T-leaves, as can easily be seen from the definition of fe. All terms P such that fe(P) 
only has T-leaves are rewritten to T-terms. Similarly fe(P J\ F) is a tree with only F-leaves. 
All terms P such that fe(P) only has F-leaves are rewritten to F-terms. The simplest trees in 
the image of fe that have both T-leaves and F-leaves are FE (a) for a e A. Any (occurrence of 
an) atom that determines (in whole or in part) the yield of a term, such as a in this example, is 
referred to as a determinative (occurrence of an) atom. This as opposed to a non-determinative 
(occurrence of an) atom, such as the a in a V T, which does not determine (either in whole or in 
part) the yield of the term. Note that a term P such that fe (P) contains both T and F must 
contain at least one determinative atom. 

Terms that contain at least one determinative atom will be rewritten to T-*-terms. In T- 
*-terms we encode each determinative atom together with the non-determinative atoms that 
occur between it and the next determinative atom in the term (reading from left to right) as an 
£-term. Observe that the first atom in an £-term is the (only) determinative atom in that £-term 
and that determinative atoms only occur in f-terms. Also observe that the yield of an £-term 
is the yield of its determinative atom. This is intuitively convincing, because the remainder of 
the atoms in any £-teim are non-determinative and hence do not contribute to its yield. The 
non-determinative atoms that may occur before the first determinative atom are encoded as a 
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T-term. A T-*-term is the conjunction of a T-term encoding such atoms and a *-term, which 
contains only conjunctions and disjunctions of i-terms. We could also have encoded such atoms 
as an F-term and then taken the disjunction with a *-term to obtain a term with the same 
semantics. We consider ^-terms to be 'basic' in *-tcrms in the sense that they are the smallest 
grammatical unit that influences the yield of the *-term. 

In the following, P T 1 P l , etc. are used both to denote grammatical categories and as variables 
for terms in those categories. The remainder of this section is concerned with defining and 
proving correct the normalization function / : FT — > FNF. We will define / recursively using 
the functions 

/" : FNF -> FNF and f c : FNF x FNF ->• FNF. 

The first of these will be used to rewrite negated FNF-terms to FNF-terms and the second to 
rewrite the conjunction of two FNF-terms to an FNF-term. By (FEL2) we have no need for a 
dedicated function that rewrites the disjunction of two FNF-terms to an FNF-term. 

We start by defining /". Analyzing the semantics of T-terms and F-terms together with the 
definition of fe on negations, it becomes clear that /" must turn T-terms into F-terms and vice 
versa. We also remark that /" must preserve the left-associativity of the *-tcrms in T-*-terms, 
modulo the associativity within £-terms. We define /" : FNF — > FNF as follows, using the 
auxiliary function /" : P* — » P* to 'push down' or 'push in' the negation symbols when negating 
a T-*-tcrm. We note that there is no ambiguity between the different grammatical categories 
present in an FNF-term, i.e., any FNF-term is in exactly one of the grammatical categories 
identified in Definition 2.6. 



/"CO 


= F 


(2.1) 


/>Vp t ) 


= aJ\.r(P T ) 


(2.2) 


r(F) 


= T 


(2.3) 


P(a^P F ) 


= «Vf(F F ). 


(2.4) 


f n (P T J\Q*) 


= p J j\f?(Q*) 


(2.5) 




= ^aj\ P T 


(2.6) 


m^^p T ) 


= a/\P T 


(2.7) 


/r(p* j\ Q d ) 




(2.8) 


f?(P* V Q c ) 




(2.9) 



Now we turn to defining f c . These definitions have a great deal of inter-dependence so we first 
present the definition for f c when the first argument is a T-term. We see that the conjunction 
of a T-term with another term always yields a term of the same grammatical category as the 
second conjunct. 



f c (T,P) = P (2.10) 

f c (a\ P T ,Q T ) = a\ f c (P T ,Q T ) (2.11) 

f(a\ P T ,Q F ) = a^f c (P T ,Q F ) (2.12) 

f c (a V P T , Q J J\ R*) = f c (a V P T , Q T ) J\ R* (2.13) 



For defining f c where the first argument is an F-term we make use of (FEL7) when dealing 
with conjunctions of F-terms with T-*-terms. The definition of f c for the arguments used in the 
right hand side of (2.16) starts at (2.23). We note that despite the high level of inter-dependence 
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in these definitions, this does not create a circular definition. We also note that the conjunction 
of an F-tcrm with another term is always itself an F-term. 

r(F,P T ) = /"(P T ) (2.14) 

/ C (F,P F ) = P F (2.15) 

/ c (F,P T ^Q*) = .r(P T ^Q*,F) (2.16) 

f c (a^P F ,Q) = a^f c (P F ,Q) (2.17) 

The case where the first conjunct is a T-*-term is the most complicated. Therefore we first 
consider the case where the second conjunct is a T-term. In this case we must make the T-term 
part of the last (rightmost) £-term in the T-*-term, so that the result will again be a T-*-term. 
For this 'pushing in' of the second conjunct we define an auxiliary function /f : P* x P T — > P* . 

r(p J j\q*,r t ) = p 1 j\ /r(g*,i? T ) (2.i8) 

f c 1 {aJ\P T ,Q T ) = aJ\f c (P T ,Q T ) (2.19) 

A c (-« P T , Q T ) =^aj\ / C (P T , Q T ) (2.20) 

K{P* J\ Q d , R T ) = P*J\ ./T(Q d , R T ) (2.21) 

/f(P* V Q c , R T ) = P* V A c (g c , R T ) (2.22) 

When the second conjunct is an F-term, the result will naturally be an F-term itself. So we 
need to convert the T-*-term to an F-term. Using (FEL4) we reduce this problem to converting 
a *-term to an F-tcrm, for which we use the auxiliary function /| : P* x P F — > P F . 

f c (P T J\Q*,R F ) = f c {P T J c 2 {Q*,R ¥ )) (2.23) 

ft(aJ\P T ,R F )=aJ\f c (P T ,R F ) (2.24) 

f^a J\ P T , R F ) = a J\ / c (P T , P F ) (2.25) 

,/ 2 c (P* J\ Q d , R F ) = / 2 c (P*,/ 2 c (Q d , P F )) (2.26) 

.f 2 c (P* V Q c , R F ) = / 2 C (P*, / 2 C (Q C , P F )) (2.27) 

Finally we are left with conjunctions and disjunctions of two T-*-terms, thus completing the 
definition of f c . We use the auxiliary function /| : P* x P T ^\ P* ^ P* to ensure that the result 
is a T-*-term. 

/ C (P T J\ Q*,P T J\ ST) = P T J\ ,fs(Q* ,R T J\ ST) (2.28) 

.mP\ Q T J\ R e ) = fi{P\Q T ) J\ R e (2.29) 

f!(P*,Q T ^(R* J\ S d )) = / 3 C (P*,Q T J\ R*) J\ S d (2.30) 

fi{P\Q T J\ (R* V S c )) = A C (P*,Q T ) J\ {R* V S c ) (2.31) 

As promised, we now define the normalization function / : FT — > FNF recursively, using /" 
and / c , as follows. 

f(a)=Tj\(aJ\T) (2.32) 

/(T) = T (2.33) 

/(F) = F (2.34) 

fhP) = f n (f(P)) (2.35) 

f{P^Q) = f c {f{P)J{Q)) (2.36) 

f(P V Q) = r(/ c (/"(/(P)), f n (.f(Q)))) (2.37) 
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Theorem 2.7. For any P G FT, f(P) terminates, f(P) G FNF and EqFFEL h f(P) = P. 



In Appendix A.l we first prove a number of lemmas showing that the definitions /" and f c 
are correct and use those to prove the theorem. The reader might wonder why we have used 
a normalization function rather than a term rewriting system to prove the correctness of FNF. 
The main reason is the author's lack of experience with term rewriting systems, although the 
fact that using a function relieves us of the need to prove the confluence of the induced rewriting 
system, thus simplifying the proof, is also a factor. 

2.2 Tree Structure 

In Section 2.3 we will prove that EqFFEL axiomatizes FFEL by showing that for P G FNF 
we can invert fe(P). To do this we need to prove several structural properties of the trees in 
the image of fe. In the definition of fe wc can see how fe(P J\ Q) is assembled from fe(P) 
and FE(Q) and similarly for fe(P V Q). To decompose these trees we will introduce some 
notation. The trees in the image of fe are all finite binary trees over A with leaves in {T, F}, 
i.e., fe[FT] C T. We will now also consider the set 7a of binary trees over A with leaves in 
{T, F, □}, where the '□' symbol is pronounced 'box'. Similarly we consider 71,2, the set of binary 
trees over A with leaves in {T, F, Di, D 2 }. The □, Di and D 2 will be used as placeholders when 
composing or decomposing trees. Replacement of the leaves of trees in 7a and 71,2 by trees 
(cither in T, 7a or 71,2) is defined analogous to replacement for trees in T, adopting the same 
notational conventions. 

For example we have by definition of fe that fe (P J\ Q) can be decomposed as 

fe(P)[T h+ Dr, F h> D 2 ]pi ^ fe(Q),D 2 h+ fe (Q) [T F]], 

where fe(P)[T ^ Di,F 4 D 2 ] G 71,2 and fe(Q) and fe(Q)[T h->- F] are in T. We note that 
this only works because the trees in the image of fe , or more general, in T, do not contain any 
boxes. Similarly, as we discussed previously, fe (P J\ F) = fe (P) [Ti-> F] , which we can write as 
fe(P)[T □][□ i-> F]. We start by analyzing the FE-image of £-terms. 

Lemma 2.8 (Structure of ^-terms). There is no i-term P such that FE(P) can be decomposed 
as X[D 1 ^ Y] with X G 7a an d Y G T, where X ^ but does contain O, and Y contains 
occurrences of both T and F. 

Proof. Let P be some i-teim. When we analyze the grammar of P we find that one branch 
from the root of fe (P) will only contain T and not F and the other branch vice versa. Hence if 
fe(P) = X[D i-)- Y] and Y contains occurrences of both T and F, then Y must contain the root 
and hence X = □. □ 

By definition a *-term contains at least one ^-term and hence for any *-term P, fe(P) 
contains both T and F. The following lemma provides the FE-image of the rightmost £-term in 
a *-term to witness this fact. 

Lemma 2.9 (Determinativeness). For all *-terms P, fe(P) can be decomposed as X[\3 Y] 
with X G 7a and Y G T such that X contains □ and Y = fe(Q) for some i-term Q. Note that 
X may be □. We will refer to Y as the witness for this lemma for P. 

Proof. By induction on the complexity of *-terms P modulo the complexity of i?-terms. In the 
base case P is an £-term and fe(P) =□[□>->• fe(P)] is the desired decomposition by Lemma 
2.8. For the induction we have to consider both fe(P J\ Q) and fe(P V Q). 
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We treat only the case for fe(P J\ Q), the case for fe(P V Q) is analogous. Let X[D 4 Y] 
be the decomposition for fe(Q) which we have by induction hypothesis. Since by definition of 
fe on /\ we have 

FE(P^\Q) = FE(P)[T4FE(Q),F4FE(Q)[T4 F]], 

we also have 

fe(P/\ Q) = fe(P)[T 4 X[D 4 y],F^ fe(Q)[T4 F]] 
= fe(P)[T ^I,Fh4 fe(Q)[T 4 F]]p i y Y], 

where the second equality is due to the fact that the only boxes in 

fe(P)[T ^I,Fh fe(Q)[T 4 F]] 

are those occurring in X. This gives our desired decomposition. □ 

The following lemma illustrates another structural property of trees in the image of *-terms 
under fe , namely that the left branch of any determinative atom in such a tree is different from 
its right branch. 

Lemma 2.10 (Non-decomposition). There is no *-term P such that fe(P) can be decomposed 
as X[D i-> Y] with leTn an d Y eT, where I^D and X contains O, but not T or F. 

Proof. By induction on P modulo the complexity of ^-terms. The base case covers ^-terms and 
follows immediately from Lemma 2.9 (fe(P) contains occurrences of both T and F) and Lemma 
2.8 (no non-trivial decomposition exists that contains both). For the induction we assume that 
the lemma holds for all *-terms with lesser complexity than P J\ Q and P V Q. 

We start with the case for fe(P/\ Q). Suppose for contradiction that fe(P^\Q) = X[D 4 Y] 
with X □ and X not containing any occurrences of T or F. Let R be a witness of Lemma 2.9 
for P. Now note that fe(P J\ Q) has a subtree 

P[T 4 fe(Q), F 4 fe(Q)[T ^ F]]. 

Because Y must contain both the occurrences of F in the one branch from the root of this subtree 
as well as the occurrences of fe(Q) in the other (because they contain T and F), Lemma 2.8 
implies that Y must (strictly) contain fe(Q) and fe(Q)[T m- F]. Hence there is a Z e T such 
that fe(P) = X[D i4 Z], which violates the induction hypothesis. The case for fe(P V Q) 
proceeds analogously. □ 

We now arrive at two crucial definitions for our completeness proof. When considering *-terms 
we already know that fe (P J\ Q) can be decomposed as 

fe(P)[T 4 U u F 4 Da] pi 4 fe(Q),D 2 4 fe(Q)[T 4 F]]. 

Our goal now is to give a definition for a type of decomposition so that this is the only such 
decomposition for fe(P^\ Q). We also ensure that fe(PV Q) does not have a decomposition of 
that type, so that we can distinguish fe(P J\ Q) from fe(P V Q). Similarly, we define another 
type of decomposition so that fe (P V Q) can only be decomposed as 

FE(P)[T 4 □!, F 4 Dap! 4 FE (Q) [F 4 T],D 2 4 FE(Q)] 

and that fe(P ^\ Q) does not have a decomposition of that type. 
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Definition 2.11. The pair (Y, Z) e 71,2 x T is a candidate conjunction decomposition 
(ccd) of X 7 . if 

• x = ypi Z, D 2 ^ Z[T i ^ F]], 

• Y contains both D\ and D 2 , 

• Y contains neither T nor F, and 

• Z contains both T and F. 

Similarly, (Y,Z) is a candidate disjunction decomposition (cdd) of X, if 

• x = ypi i ^ z[f i y T],n 2 1 ^ z], 

• Y contains both D\ and D 2 , 

• Y contains neither T nor F, and 

• Z contains both T and F. 

The ccd and cdd are not necessarily the decompositions we are looking for, because, for 
example, fe((P J\ Q) J\ R) has a ccd (fe(P)[T i-» Di,F m- □ 2 ],fe(Q J\ R)), whereas the 
decomposition we need is (fe(P J\ Q)[T i-> Di,F i-> □ 2 ],fe(P)). Therefore we refine these 
definitions to obtain the decompositions we seek. 

Definition 2.12. The pair (Y, Z) e 71,2 xT is a conjunction decomposition (cd) of X e T, 

if it is a ccd of X and there is no other ccd (Y 1 , Z') of X where the depth of Z' is smaller than 
that of Z. Similarly, (Y, Z) is a disjunction decomposition (dd) of X, if it is a cdd of X 
and there is no other cdd (Y',Z') of X where the depth of Z' is smaller than that of Z. 

Theorem 2.13. For any *-term P J\ Q, i.e., with P E P* and Q e P d , FE(P J\ Q) has the 
(unique) cd 

(FE(P)[T^n 1 ,F^n 2 ],FE(Q)) 

and no dd. For any *-term P V Q, i.e., with P e P* and Q e P c , fe(P V Q) has no cd and its 
(unique) dd is 

(FE(P)[T^D 1 ,F^D 2 ],FE(g)). 

Proof. We first treat the case for P J\ Q and start with cd. Note that fe(P J\ Q) has a ccd 
(fe(P)[T i-> Di, F i-> D 2 ], fe(Q)) by definition of fe (for the first condition) and by Lemma 2.9 
(for the fourth condition). It is immediate that it satisfies the second and third conditions. It also 
follows that for any ccd (Y, Z) either Z contains or is contained in fe(Q), for suppose otherwise, 
then Y will contain an occurrence of T or of F, namely those we know by Lemma 2.9 that fe(Q) 
has. Therefore it suffices to show that there is no ccd (Y, Z) where Z is strictly contained in 
fe(Q). Suppose for contradiction that (Y,Z) is such a ccd. If Z is strictly contained in fe(<2) 
we can decompose fe(Q) as fe(Q) = U[D i-> Z\ for some U & 7b that contains but is not equal 
to □. By Lemma 2.10 this implies that U contains T or F. But then so does Y, because 

Y = fe(P)[T U[D ^ Di], F i-> U[n i-> D 2 ]], 

and so (Y, Z) is not a ccd for fe(P J\ Q). Therefore (fe(P)[T h> Di, F i-> □ 2 ],fe(Q)) is the 
unique cd for fe(P J\ Q). 

Now for the dd. It suffices to show that there is no cdd for fe(P J\ Q). Suppose for 
contradiction that (Y, Z) is a cdd for fe(P^\ Q). We note that Z cannot be contained in fe(Q), 
for then by Lemma 2.10 Y would contain T or F. So Z (strictly) contains fe(Q). But then 
because 

Ypx ^ Z[F ^ T],D 2 ^ Z] = fe(P J\ Q), 
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we would have by Lemma 2.9 that fe(P /\ Q) does not contain an occurrence of fe(Q)[T F]. 
But the cd of fe(P J\ Q) tells us that it does, contradiction! Therefore there is no cdd, and 
hence no dd, for fe(P J\ Q). The case for fe(P V Q) proceeds analogously. □ 



At this point we have the tools necessary to invert fe on *-tcrms, at least down to the level 
of Merms. We note that we can easily detect if a tree in the image of fe is in the image of P l , 
because all leaves to the left of the root are one truth value, while all the leaves to the right are 
the other. To invert fe on T-*-terms we still need to be able to reconstruct fe(P t ) and fe(Q*) 
from fe(P t /\ Q*)- To this end we define a T-*-decomposition. 

Definition 2.14. The pair (Y,Z) e Tu x T is a T-*- decomposition (tsd) of X e T, if 

X = Y{\3 i y Z], Y does not contain T or F and there is no decomposition (U, V) € Tu X T of Z 
such that 



Proof. First we observe that (fe(P)[T h- □],fe(Q)) is a tsd because by definition of fe on ^\ 
we have fe(P)[T i-> fe(Q)] = fe(P /\ Q) and fe(Q) is non-decomposable by Lemma 2.10. 

Suppose for contradiction that there is another tsd (Y, Z) of fe(P/\ Q). Now Z must contain 
or be contained in fe(Q) for otherwise Y would contain T or F, i.e., the ones we know fe(Q) 
has by Lemma 2.9. 

If Z is strictly contained in fe(Q), then fe(Q) = U[D ^ Z] for some U e Tu with U ^ □ 
and U not containing T or F (because then Y would too). But this violates Lemma 2.10, which 
states that no such decomposition exists. If Z strictly contains fe(Q), then Z contains at least 
one atom from P. But the left branch of any atom in FE(P) is equal to its right branch and 
hence Z is decomposable. Therefore (fe(P)[T □], fe(Q)) is the unique tsd of fe(P^\ Q). □ 

2.3 Completeness 

With the two theorems from the previous section, we can prove completeness for FFEL. We define 
three auxiliary functions to aid in our definition of the inverse of fe on FNF. Let cd : T — > 71.2 x T 
be the function that returns the conjunction decomposition of its argument, dd of the same type 
its disjunction decomposition and tsd : T — > Tu x T its T-*-dccomposition. Naturally, these 
functions are undefined when their argument does not have a decomposition of the specified type. 
Each of these functions returns a pair and we will use edi (ddi , tsdi ) to denote the first element 
of this pair and cd2 (dd2, tsd2) to denote the second element. 

We define g : T — > FT using the functions g T : T — > FT for inverting trees in the image of 
T- terms and g F , </ and g* of the same type for inverting trees in the image of F-terms, ^-terms 
and *-terms, respectively. These functions are defined as follows. 



• z = u[n^v], 

• U contains D, 

• U ^ □, and 

• U contains neither T nor F. 



Theorem 2.15. For any J -term P and *-term Q the (unique) tsd o/fe(P J\ Q) is 



(fe(P)[T^D],fe(Q)). 




(2.38) 
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We note that we might as well have used the right branch from the root in the recursive case. 
We chose the left branch here to more closely mirror the definition of the corresponding function 
for FSCL SE , defined in Chapter 3. 



F if X = F 

a/\g F {Z) ifX =Y < a \> Z 



(2.39) 



Similarly, we could 



have taken the left branch in this case. 




a ^ 9 T ( Y ) ii X = Y <S a \> Z ioi some a E A 
and Y only has T-leaves 

-na J\ g T (Z) if X = Y < a > Z for some a E A 
and Z only has T-leaves 



(2.40) 



V (cdxpOp! i— > T, D 2 i— > F]) J\ g*(cd 2 (X)) if X has a cd 
g*{X) = \ ff *(ddi(X)[n! h-> T, O2 1— > F]) V g*(dd 2 (X)) if X has a dd 
g e {X) otherwise 



(2.41) 



We can immediately see how Theorem 2.13 will be used in the correctness proof of g* . 



Similarly, we can see how Theorem 2.15 is used in the correctness proof of g. It should come as 
no surprise that g is indeed correct and inverts fe on FNF. 

Theorem 2.16. For all P E FNF, #(fe(P)) = P. 

The proof for this theorem can be found in Appendix A. 2. For the sake of completeness, we 
separately state the completeness result below. 

Theorem 2.17. For all P,Q E FT, if FFEL N P = Q then EqFFEL h P = Q. 

Proof. It suffices to show that for P,Q E FNF, fe(P) = fe(Q) implies P = Q. To see this 
suppose that P 1 and Q' are two FEL-terms and fe(P') = fe(Q'). We know that P' is derivably 
equal to an FNF-term P, i.e., EqFFEL h P 1 = P, and that Q' is derivably equal to an FNF-term 
Q, i.e., EqFFEL h Q' = Q. Theorem 2.5 then gives us fe(P') = fe(P) and fe(Q') = fe(Q). 
Hence by the result P = Q and in particular EqFFEL h P = Q. Transitivity then gives us 
EqFFEL h P' = Q' as desired. 

The result follows immediately from Theorem 2.16. □ 




g T {tsd 1 (X)[a i-> T]) J\ g*(tsd 2 (X)) otherwise 



if X has only T-leaves 
if X has only F-leaves 



(2.42) 
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CHAPTER 3 



Free Short-Circuit Logic (FSCL) 



In this chapter we define Free Short-Circuit Logic on evaluation trees and present the set of 
equations EqFSCL, which we will prove axiomatizes this logic in Section 2.3. Formally, SCL- 
terms are built up from atomic propositions that may have side effects, called atoms, the truth 
value constants T for true and F for false and the connectives for negation, J\ for (short-circuit) 
left-sequential conjunction and V for (short-circuit) left-sequential disjunction. 

Definition 3.1. Let A be a countable set of atoms. SCL-terms (ST) have the following gram- 
mar presented in Backus-Naur Form. 

PeST::=aeA | T | F | ^P \ (P J\ P) \ {P V P) 

As is the case with FEL, if A = then resulting logic is trivial. 

First we return for a moment to our motivation for left-sequential logics, i.e., propositional 
terms as used in programming languages. We will consider the SCL-tcrm a V b and informally 
describe its evaluation, naturally using a short-circuit evaluation strategy. We start by evaluating 
a and let its yield determine our next action. If a yielded F we proceed by evaluating 6, i.e., 
the yield of the term as a whole will be the yield of b. If a yielded T, we already know at this 
point that a V b will yield T. We skip the evaluation of b and let the term yield T, i.e., b is 
short-circuited. 

Considering the more complex term (a V b) J\ c, we find that we start by evaluating a V b 
and if it yields T we proceed by evaluating c. If it yields F we skip the evaluation of c, because 
we know the term will yield F. This example shows that evaluating SCL-terms is an interactive 
procedure, where the yield of the previous atom is needed to determine which atom to evaluate 
next. We believe these semantics are best captured in trees. Hence we will define equality of 
SCL-terms using (evaluation) trees. We define the set T of finite binary trees over A with leaves 
in {T, F} recursively. We have that 

T £ T, F £ T, and {X <a\>Y) eT for any X, Y £ T and a £ A. 

In the expression X < a t> Y the root is represented by a, the left branch by X and the 
right branch by Y. We define the depth of a tree X recursively by d(T) = d(F) = and 
d(Y < a > Z) = 1 + max(<i(Y"), d(Z)) for a £ A. The reason for our choice of notation for trees 
will become apparent in Chapter 4. We refer to trees in T as evaluation trees, or trees for short. 
Figure 3.1 shows the trees corresponding to the evaluations of (a V b) J\ c and (a J\ b) V c. 
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Returning to our example, we have seen that the tree corresponding to the evaluation of 
(a V b) J\ c can be composed from the tree corresponding to the evaluation of a V b and that 
corresponding to the evaluation of c. We said above that if a V b yielded T, we would proceed 
with the evaluation of c. This can be seen as replacing each T-leaf in the tree corresponding 
to the evaluation of a V b with the tree that corresponds to the evaluation of c. Formally 
we define the leaf replacement operator, 'replacement' for short, on trees in T as follows. Let 
X,X',X"Y,Z g T and a g A. The replacement of T with Y and F with Z in X, denoted 
X [T Y, F Z] , is defined recursively as 

T[T ^ Y, F ^ Z\ = Y 
F[T h> F, F h> Z] = Z 
{X' < a > X")[T ^F,F^Z] = X'[T H4y,F^Z]<a> X"[T hY,Fh Z]. 

We note that the order in which the replacements of the leaves of X is listed inside the brackets 
is irrelevant. We will adopt the convention of not listing any identities inside the brackets, i.e., 

X[F^Y] =I[T^T,F^7]. 

Furthermore we let replacements associate to the left. We also use that fact that 

X[T i — y y] [F i — y Z\ = X[T i — y Y, F i — v Z\ 
if Y does not contain F, which can be shown by a trivial induction. Similarly, 

X[F i — y Z] [T i — y Y] = X[T i — y y, F i — y Z\ 

if Z docs not contain T. Wc now have the terminology and notation to formally define the 
mapping from SCL-tcrms to evaluation trees. 

Definition 3.2. Let A be a countable set of atoms and let T be the set all finite binary trees over 
A with leaves in {T, F}. We define the unary Short-Circuit Evaluation function SE : ST — > T 
as: 

SE(T) =T 
SE(F) = F 

SE (a) = T < a > F for a g A 

se(^P) = se(P)[T hF,F^T] 
se(P^Q) = se(P)[T^se(Q)] 
se(PV Q) = se(P)[F se(Q)]. 

As we can sec from the definition on atoms, the evaluation continues in the left branch if an 
atom yields T and in the right branch if it yields F. Revisiting our example once more, we indeed 
see how the evaluation of a V b is composed of the evaluation of a followed by the evaluation of 
b in case a yields F. We can compute 

SE (a V b) = (T < a > F)[F ^ (T < b > F)] 
= T < a > (T < b > F). 

Now the evaluation of (a V b) J\ c is a composition of this tree and T < c > F, as can be seen in 
Figure 2.1b. 
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Figure 3.1: Trees depicting the evaluation of two SCL-terms. The evaluation starts at the 
root. When (the atom at) an inner node yields T the evaluation continues in its left branch 
and when it yields F it continues in its right branch. The leaves indicate the yield of the 
terms as a whole. 



These trees show us that a function of the yield of the atoms in an SCL-tcrm is insufficient 
to determine the semantics of the term as a whole. They show us that we must also consider the 
(conditional) order in which the atoms occur in the term. In particular we see that in PV Q, Q 
will be short-circuited if P yields T, while in P J\ Q, it will be short-circuited if P yields F. We 
are now ready to define Short-Circuit Logic on evaluation trees. 

Definition 3.3. Free Short-Circuit Logic (FSCL SE ) is the logic that satisfies exactly the 
consequences of SE- equality, i.e., for all P,Q e ST, 

FSCL SE NP = Q <^ se(P) = se(Q). 

Using the completeness result we shall prove in Section 3.3, we will show that FSCL SE is in 
fact equivalent to FSCL as defined by Bergstra and Ponse in [BPlOb]. This should come as no 
surprise given the tree-like structure that Proposition Algebra terms exhibit, see, e.g., [BP11] or 
[BP12]. 

We choose a representation of T as trees rather than as sets of traces, i.e., the paths of those 
trees annotated with truth values for the atoms, because the tree notation allows us to be more 
succinct. These tree semantics were first given, although presented as trace semantics, by Ponse 
in [Ponll]. 

We now turn to the set of equations EqFSCL, listed in Table 3.1, which we will show in 
Section 3.3 is an axiomatization of FSCL SE . This set of equations is based on one presented by 
Bergstra and Ponse in [BPlOb]. If two SCL-terms s and t, where we extend the definition to allow 
for terms containing variables, are derivable by equational logic and EqFSCL, we denote this by 
EqFSCL hs = t and say that s and t are derivably equal. As a consequence of (SCL1) through 
(SCL3), J\ is the dual of V and hence the duals of the equations in EqFSCL are also derivable. 
We will use this fact implicitly throughout our proofs. Observe that unlike with EqFFEL, we 
have an equation in EqFSCL for (a special case of) distributivity, i.e., (SCL10). 

The following lemma shows some equations that will prove useful in Section 3.1. These 
equations show how terms of the form x J\ F and iVT can be used to change the order in which 
atoms occur in an SCL-term. This is very different from the situation with FEL, where terms 
that contain the same atoms, but in a different order, are never derivably equal. In terms of a 
comparison between EqFSCL and EqFFEL this can be seen as a consequence of (SCL10). 
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F = -T (SCL1) 

ll/^+J^I/) (SCL2) 

-.-.a; = x (SCL3) 

(xj\y)j\z = xj\(yj\z) (SCL4) 

T ^ a; = x (SCL5) 

.t </\ T = x (SCL6) 

F J\ x = F (SCL7) 

x J\ F = J\ F (SCL8) 

(x^\F)^=(^T)^ (SCL9) 

(x^)V(zM) = (^(^ F)) ^ (y V (z J\ F)) (SCL10) 



Table 3.1: The set of equations EqFSCL. 
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Lemma 3.4. The following equations can all be derived by equational logic and EqFSCL. 

1. (^i,)/^F) = (-.a: V (z J\ F)) J\ (y J\ (z J\ F)) 

2. F)) J\ (z J\ F) = (-x V (z </\ F)) ^ (y ^ F) 

3. T)) V (z ^ F) = (a; V (z ^ F)) ^ (y V T) 
Proof. We derive the equations in order. 

(x V y) </\ (z J\ F) 

= (x V y) J\ ((z ^ F) J\ F) by (SCL7) and (SCL4) 

= (x V y) ^ Hz ^F)^F) by(SCL8) 
= ((xVy)j\^(zJ\F))j\F by(SCL4) 
= ((-x J\ -y) V (z </\ F)) </\ F by (SCL8), (SCL2) and (SCL3) 

= ((-x V (z J\ F)) ^ (-y V (z ^ F))) ^ F by (SCL10) 

= (-x <V (z ^ F)) ^ ((-y <V (z ^ F)) ^ F) by (SCL4) 

= (-x V (z J\ F)) </\ ((y </\ -(z ^ F)) </\ F) by (SCL8), (SCL2) and (SCL3) 

= ((-x V (z ^ F)) ^ y) ^ Hz ^ F) ^ F) by (SCL4) 

= ((-x V (z ^ F)) ^ y) J\ ((z ^ F) ^ F) by (SCL8) 

= ((-x <V (z ^ F)) ^ y) ^ (z ^ F) by (SCL4) and (SCL7) 

= bM^F))^(^(z/\F)) by(SCL4) 

(xV(y^F))^(z^F) 

= (-.a; V (z J\ F)) </\ ((y J\ F) </\ (z </\ F)) by part (1) of this lemma 

= H V (z J\ F)) ^ (y J\ F) by (SCL7) and (SCL4) 

(x^(yVT))V(z^F) 

= (xV(zJ\ F)) ^ ((y V T) V (z J\ F)) by (SCL10) 

= (x V (z ^ F)) J\ (y V T) by the duals of (SCL7) and (SCL4) □ 

Theorem 3.5. For all P,Q e ST, if EqFSCL h P = Q then FSCL SE \= P = Q. 

Proof. To see that identity symmetry, transitivity and congruence hold in FSCL SE , we refer the 
reader to the proof of Theorem 2.5 and note that the proofs for FSCL SE are highly similar. 

Verifying the validity of the equations in EqFSCL is cumbersome, but not difficult. As an 
example we show it for (SCL3). We have 

se(-.-.P) = se(P)[T ^F,F^T][ThF,F^T] = se(P) 

by a trivial structural induction on evaluation trees. □ 



3.1 SCL Normal Form 

To aid in our completeness proof we define a normal form for SCL-terms. Because the atoms in 
SCL-terms may have side effects common normal forms for PL such as Conjunctive Normal Form 
or Disjunctive Normal Form are not normal forms for SCL. For example, the term a J\ (b V c) 
would be written as (a <f\ b) V (a </\ c) in Disjunctive Normal Form, but a trivial examination 
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shows that the evaluation trees of these terms are not the same. Our normal form is inspired by 
the FEL Normal Form presented in Chapter 2. We present the grammar for our normal form 
before we motivate it. 

Definition 3.6. A term P <G ST is said to be in SCL Normal Form (SNF) if it is generated 
by the following grammar. 



P e SNF : 


._ pT | pF | pT^p* 




._ pc | pd 


P c : 


:= P e | P* J\ P d 


pd . 


:= P e | P* V P c 


P e : 


:=(a^P T )V P F | (n fl ^P T )V F 


P T : 


:=T | (a^P T )VP T 


P F : 


:=F | (flV F )^ F , 



where a e A. We refer to P* -forms as *-terms, to P l -forms as l-terms, to P T -forms as J -terms 
and to P f -forms as F -terms. A term of the form P T </\ P* is referred to as a T-*-term. 

Without the presence of T and F in our language, a traditional Negation Normal Form would 
have sufficed. Furthermore, if A = 0, an even more trivial normal form could be used, i.e., just 
T or F. 

When considering trees in the image of SE we note that some trees only have T-leaves, some 
only F-leaves and some both T-leaves and F-leaves. For any SCL-term P, SE (P V T) is a tree 
with only T-leaves, as can easily be seen from the definition of SE . All terms P such that SE (P) 
is a tree with only T-leaves are rewritten to T-terms. Similarly, for any term P, Se(P J\ F) is 
a tree with only F-leaves. All P such that Se(P) has only F-leaves are rewritten to F-terms. 
The simplest trees in the image of SE that have both types of leaves are SE(a) for a E A. Any 
(occurrence of an) atom that determines (in whole or in part) the yield of the term, such as a 
in this example, is referred to as a determinative (occurrence of an) atom. This as opposed to 
a non-determinative (occurrence of an) atom, such as the a in a V T, which does not determine 
(either in whole or in part) the yield of the term. Note that a term P such that Se(P) contains 
both T and F must contain at least one determinative atom. 

Terms that contain at least one determinative atom will be rewritten to T-*-terms. In T- 
*-terms we encode each determinative atom together with the non-determinative atoms that 
occur between it and the next determinative atom in the term (reading from left to right) as an 
€-term. Observe that the first atom in an £-term is the (only) determinative atom in that £-term 
and that determinative atoms only occur in f-terms. Also observe that the yield of an £-term 
is the yield of its determinative atom. This is intuitively convincing, because the remainder of 
the atoms in any f-term are non-determinative and hence do not contribute to its yield. The 
non-determinative atoms that may occur before the first determinative atom are encoded as a 
T-term. A T-*-term is the conjunction of a T-term encoding such atoms and a *-term, which 
contains only conjunctions and disjunctions of £-terms. We could also have encoded such atoms 
as an F-tcrm and then taken the disjunction with a *-term to obtain a term with the same 
semantics. We consider £-terms to be 'basic' in *-terms in the sense that they are the smallest 
grammatical unit that influences the yield of the *-term. 

The f-terms in SNF are more complex than those in FEL Normal Form, because short- 
circuiting allows for the possibility of evaluating different non-determinative atoms depending on 
the yield of the determinative atom. This is also the reason why the T-terms and the F-terms 
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are more complex. Although the atoms occurring in them are not determinative, their yield can 
influence which atoms in the T-term (F-term) are evaluated next. 

We use P T , P*, etc. both to denote grammatical categories and as variables for terms in 
those categories. The remainder of this section is concerned with defining and proving correct 
the normalization function / : ST — > SNF. We will define / recursively using the functions 

/" : SNF -> SNF and f : SNF x SNF — > SNF. 

The first of these will be used to rewrite negated SNF-terms to SNF-terms and the second to 
rewrite the conjunction of two SNF-terms to an SNF-term. By (SCL2) we have no need for a 
dedicated function that rewrites the disjunction of two SNF-terms to an SNF-term. 

We start by defining /". Analyzing the semantics of T-terms and F-terms together with the 
definition of SE on negations, it becomes clear that f n must turn T-terms into F-terms and vice 
versa. We also remark that /" must preserve the left-associativity of the *-tcrms in T-*-terms, 
modulo the associativity within £-terms. We define /" : SNF — > SNF as follows, using the 
auxiliary function /" : P* — »■ P* to 'push down' or 'push in' the negation symbols when negating 
a T-*-term. We note that there is no ambiguity between the different grammatical categories 
present in an SNF-term, i.e., any SNF-term is in exactly one of the grammatical categories 
identified in Definition 3.6. 



/"CO 


= F 


(3.1) 


r((a^P T )VQ T ) 


= (aV.r(o T ))^.r(P T ) 


(3.2) 


/"(F) 


= T 


(3.3) 


/"(( a vp F )^o F ) 


= ( a ^r(o F ))vr(p F ) 


(3.4) 


f n (P T J\Q*) 


= p t A fi(Q*) 


(3.5) 


/r((a^P T )VQ F ) 


= (^a^.r(o F ))v.r(P T ) 


(3.6) 


A"((-a^P T )VQ F ) 




(3.7) 


f?(P* J\ Q d ) 


= mn ^ fr(Q d ) 


(3.8) 


fl l (P* V Q c ) 




(3.9) 



Now we turn to defining f c . These definitions have a great deal of inter-dependence so we first 
present the definition for f c when the first argument is a T-term. We see that the conjunction 
of a T-term with another terms always yields a term of the same grammatical category as the 
second conjunct. 

/ C (T,P) = P (3.10) 
f c ((a J\ P T ) V Q T , P T ) = (a J\ / C (P T , P T )) V ,f (Q T , P T ) (3.11) 
f c ((a J\ P T ) V Q T , R F ) = (aV f c (Q T , R F )) J\ / C (P T , P F ) (3.12) 
f c ((a J\ P T ) V Q T , P T J\ S*) = f c ((a J\ P T ) V Q T , R T ) J\ S* (3.13) 

For defining f c where the first argument is an F-term, we make use of (SCL7). This imme- 
diately shows that the conjunction of an F-term with another term is itself an F-term. 

f c (P f ,Q) = P F (3.14) 

The case where the first conjunct is a T-*-term and the second conjunct is a T-term is defined 
next. We will use an auxiliary function, /f : P* xP T ^F*, to turn conjunctions of a *-term 
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with a T-term into *-terms. Together with (SCL4) this allows us to define f c for this case. 

f c (P T J\ Q* ,R T ) = P T J\ fi(Q*, P T ) (3.15) 

ma J\ P T ) V Q F , R T ) = (aj\ f c (P T , R J )) V Q F (3.16) 

./T(h« cA ^ T ) V Q F , P T ) = (-a ^ ,f (P T , R T )) V Q F (3.17) 

A(P* ^ Q d , P T ) = P* J\ fi(Q d , R T ) (3.18) 

A(P* V g c , P T ) - f1{P\ R T ) V A C (Q C , P T ) (3.19) 

When the second conjunct is an F-term, the result will naturally be an F-term itself. So we 
need to convert the T-*-term to an F-term. Using (SCL4) we reduce this problem to converting 
a *-term to an F-term, for which we use the auxiliary function f$ : P* x P F — > P F . 



f(P T J\Q*,R F ) 


= f c (P T ,ti(Q*,R F )) 


(3.20) 


/ 2 c ((a^P T )VQ F ,i? F ) 


= (aVQ F )^ A(P T ,P F ) 


(3.21) 


/ 2 c (H^P T )Vg F ,i? F ) 


= (aV f(P T ,R F ))^Q F 


(3.22) 


ft(P*J\Q d ,R F ) 


= mp*,mQ d ,R F )) 


(3.23) 


ft(P*^Q c ,R F ) 




(3.24) 



Finally we are left with conjunctions of two T-*-terms, thus completing the definition of f c . 

We use the auxiliary function /| : P* x P T J\ P* — > P* to ensure that the result is a T-*-term. 

/ C (P T <A Q*,P T <A 5*) = P T ^ / 3 C (Q*, R T J\ S*) (3.25) 

ti(P*,Q T J\R e ) = /f(P*,Q T ) ^ P* (3.26) 

ft(P*,Q T J\(R* ^ S d )) = / 3 C (P*,Q T ^ P*) ^ 5 d (3.27) 

fi(P*, Q T cA V S c )) - A C (P*, Q T ) J\ (R* V S c ) (3.28) 

As promised, we now define the normalization function / : ST — > SNF recursively, using /" 
and / c , as follows. 

f(a)=Tj\((aJ\T)VF) (3.29) 

/(T) - T (3.30) 

/(F) = F (3.31) 

fhP) = f n (f(P)) (3.32) 

f{P^Q) = f c {f{P)J{Q)) (3.33) 

i(p vq) = ,r(/ c (.r(/(p)), ,r(/(Q)))) (3.34) 



Theorem 3.7. Por any P e ST, /(P) terminates, f(P) e SNF and EqFSCL h /(P) = P. 

In Appendix B.l we first prove a number of lemmas showing that the definitions /" and 
f c are correct and use those to prove the theorem. We have chosen to use a function rather 
than a rewriting system to prove the correctness of the normal form, because the author lacks 
experience with term rewriting systems and because using a function relieves us of the task of 
proving confluence for the underlying rewriting system. 

In Section 4.3 we show that FFEL is a sublogic of FSCL and that any FEL-term can be 
rewritten to an SCL-term with the same semantics. There we will pay special attention to the 
application of that translation to terms in FEL Normal Form. 
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3.2 Tree Structure 



In Section 3.3 we will prove that EqFSCL axiomatizes FSCL SE by showing that if P £ SNF we 
can invert Se(P). To do this we need to prove several structural properties of the trees in the 
image of SE . In the definition of SE we can see how SE (PJ\ Q) is assembled from SE (P) and SE (Q) 
and similarly for Se(P "V Q). To decompose these trees we will introduce some notation. The 
trees in the image of SE are all finite binary trees over A with leaves in {T, F}, i.e., Se[ST] C T ■ 
We will now also consider the set Tu of binary trees over A with leaves in {T, F, □}, where '□' is 
pronounced 'box'. The box will be used as a placeholder when composing or decomposing trees. 
Replacement of the leaves of trees in Tu by trees in T or To is defined analogous to replacement 
for trees in T, adopting the same notational conventions. 

For example we have by definition of SE that SE (P J\ Q) can be decomposed as 

SE(P)[Th->n][Dh->SE(Q)], 

where Se(P)[T □] £ Tu and Se(Q) £ T. We note that this only works because the trees 
in the image of SE, or in T in general, do not contain any boxes. We start by analyzing the 
SE-image of f -terms. 

Lemma 3.8 (Structure of ^-terms). There is no l-term P such that Se(P) can be decomposed 
as X[D i ^ Y] with X £ Tu and Y £ T, where X^D, but does contain O, and Y contains 
occurrences of both T and F. 

Proof. Let P be some ^-term. When we analyze the grammar of P we find that one branch 
from the root of SE (P) will only contain T and not F and the other branch vice versa. Hence if 
Se(P) = X[D i — ^ Y] and Y contains occurrences of both T and F, then Y must contain the root 
and hence X = □. □ 

By definition a *-term contains at least one £-term and hence for any *-term P, SE (P) contains 
both T and F. The following lemma provides the SE-image of the rightmost ^-term in a *-term 
to witness this fact. 

Lemma 3.9 (Determinativeness). For all *-terms P, Se(P) can be decomposed as X[D i->- Y) 
with X £ Tu and Y £ T such that X contains □ and Y — Se(Q) for some l-term Q. Note that 
X may be □. We will refer to Y as the witness for this lemma for P. 

Proof. By induction on the complexity of *-tcrms P modulo the complexity of i?-terms. In the 
base case P is an £-teim and Se(P) =□[□>->• Se(P)] is the desired decomposition by Lemma 
3.8. For the induction we have to consider both Se(P J\ Q) and Se(P V Q). 

We start with Se(P c /\ Q) and let X[D Y] be the decomposition for Se(<5) which we have 
by induction hypothesis. Since by definition of SE on ^ we have 

SE(P^ Q) = se(P)[T^se(Q)] 

we also have 

se(p^ q) = se(p)[t x[n i y y\] = se(p)[t x][n ^ y\. 

The last equality is due to the fact that Se(P) does not contain any boxes. This gives our desired 
decomposition. The case for Se(P < V Q) is analogous. □ 

The following lemma illustrates another structural property of trees in the image of *-terms 
under SE , namely that the left branch of any determinative atom in such a tree is different from 
its right branch. 
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Lemma 3.10 (Non-decomposition). There is no *-term P such that Se(P) can be decomposed 
os X[D h> Y] with leTn an d Y G T , where I^D and X contains D, but not T or F. 

Proof. By induction on P modulo the complexity of f-terms. The base case covers ^-terms 
and follows immediately from Lemma 3.9 (se(P) contains occurrences of both T and F) and 
Lemma 3.8 (no non-trivial decomposition exists that contains both). For the induction we 
assume that the lemma holds for all *-terms with lesser complexity than P J\ Q and P V Q. 

We start with the case for se(P</\ Q). Suppose for contradiction that Se(P c /\ Q) = X[\3 t-t Y] 
with I/D and X not containing any occurrences of T or F. Let R be a witness of Lemma 3.9 
for P. Now note that Se(P c /\ Q) has a subtree R[T i-» Se(Q)]. Because Y must contain both the 
occurrences of F in the one branch of R[T i-> se(Q)] as well as the occurrences of Se(Q) in the 
other (because they contain T and F), Lemma 3.8 implies that Y must (strictly) contain se(Q). 
Hence there is a Z e T such that fe(P) = X[D i->- Z], which violates the induction hypothesis. 
The case for Se(P V Q) is symmetric. □ 

We now arrive at two crucial definitions for our completeness proof. When considering *- 
terms, we already know that SE (P J\ Q) can be decomposed as 

se(P)[Th^ □][□ i y se(Q)]. 

Our goal now is to give a definition for a type of decomposition so that this is the only such 
decomposition for Se(P J\ Q). We also ensure that Se(P c V Q) does not have a decomposition of 
that type, so that we can distinguish Se(P J\ Q) from Se(P V Q). Similarly, we need to define 
another type of decomposition so that SE (P V Q) can only be decomposed as 

se(P)[Fh^D]P^se(Q)] 

and that Se(P J\ Q) does not have a decomposition of that type. 

Definition 3.11. The pair (Y,Z) e 7b x T is a candidate conjunction decomposition 
(ccd) ofX e T, if 

• x = Y[n i y z], 

• Y contains □, 

• Y contains F, but not T, and 

• Z contains both T and F. 

Similarly, (Y, Z) is a candidate disjunction decomposition (cdd) of X , if 

• x = Y[n i y z], 

• Y contains □, 

• Y contains T, but not F, and 

• Z contains both T and F. 

We note that the ccd and cdd are not necessarily the decompositions we are looking for, 
because, for example, Se((P J\ Q) J\ R) has a ccd (se(P)[T □],SE(Q J\ R)), whereas the 
decomposition we need is (se(P </\ Q)[T i-> D],Se(P)). Therefore we refine these definitions to 
obtain the decompositions we seek. 

Definition 3.12. The pair (Y, Z) £ 7h x T is a conjunction decomposition (cd) of X £ T, 

if it is a ccd of X and there is no other ccd (Y',Z') of X where the depth of Z' is smaller than 
that of Z. Similarly, iY,Z) is a disjunction decomposition (dd) of X, if it is a cdd of X 
and there is no other cdd (Y',Z') of X where the depth of Z' is smaller than that of Z. 
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Theorem 3.13. For any *-term P J\ Q, i.e., with P £ P* and Q £ P d , Se(P ^ Q) has the 
(unique) cd 

(se(P)[T^D],se(Q)) 

and no dd. For any *-term P V Q, i.e., with P £ P* and Q £ P c , Se(P V Q) has no cd and its 
(unique) dd is 

(se(P)[F^D],se(Q)). 

Proof. By simultaneous induction onP^Q and P V Q modulo the complexity of £-terms. In 
the basis we have to consider, for £-terms P and Q, the terms P </\ Q and P*V Q. Both of these 
are covered by the cases in the induction where the second conjunct (or disjunct) Q is an l-term. 
This is valid reasoning, since we don't call upon the induction hypothesis in those cases. For the 
induction we assume that the theorem holds for all *-terms with lesser complexity than P J\ Q 
and PVQ. We first treat the case for P J\Q. 

First for the cd. Note that (se(P)[T i-» □], Se(Q)) is a ccd of Se(P J\ Q) by definition of SE 
on J\ (for the first condition) and Lemma 3.9 (for the third and fourth condition). We also know 
that for any ccd (Y, Z) either Z contains or is contained in Se(Q). For suppose otherwise, then 

Y will contain an occurrence of T, namely the one we know by Lemma 3.9 that SE (Q) has. By 
the above it suffices to show that there is no ccd (Y, Z) where Z is strictly contained in Se(Q). 
Suppose for contradiction that such a ccd (Y, Z) does exist. 

By definition of *-terms Q is either an ^-term or a disjunction. If Q is an £-term and Z is 
strictly contained in Se(Q) then Z does not contain both T and F by Lemma 3.8. Therefore 
(se(P)[T m> □], Se(Q)) is the unique cd for Se(P j\ Q). 

If Q is a disjunction, then if Z is strictly contained in Se(Q) we can decompose Se(Q) as 
Se(Q) = U[0 i y Z] for some U £ Tfj that contains but is not equal to □. By Lemma 3.10 this 
implies that U contains either T or F. If it contains T, then so does Y, because 

F = SE(P)[Th-> U], 

and (Y,Z) is not a ccd for Se(P </\ Q). If it only contains F then (U,Z) is a ccd for Se(Q) 
which violates the induction hypothesis. Therefore (se(P)[T i-> □],se(Q)) is the unique cd for 
se(P^Q). 

Now for the dd. It suffices to show that there is no edd for Se(P J\ Q). Again Q is either 
an £-term or a disjunction. Suppose for contradiction that (Y, Z) is a edd for Se(P J\ Q). If Q 
is an £-term, then Z must contain all occurrences of F in SE (P </\ Q) ■ So in particular it must 
contain all occurrences of F in Se(Q). It must also contain at least one occurrence of T. Hence 
by Lemma 3.8 Z must contain Se(Q). But then Z contains all the occurrences of T in Se(PJ\ Q) 
and hence X does not contain any occurrences of T. Therefore there is no edd for Se(P J\ Q). 

If Q is a disjunction then Z must contain all occurrences of F in Se(P J\ Q). Let R be 
a witness of Lemma 3.9 for P. Now note that R[T i-> Se(Q)] is a subtree of Se(P J\ Q). 
Also note that Lemma 3.8 implies that there is no way to decompose P[T i-> Se(Q)] such that 
R[T h->- se(Q)] = U[d i-> V] for some U £ 7n that contains but is not equal to □ and some 

V £ T containing occurrences of both Se(Q) and F. So because Z must contain all occurrences 
of F in Se(P J\ Q), it must strictly contain se(Q). But all the occurrences of T in Se(P J\ Q) 
are in occurrences of SE(Q). Hence X does not contain any occurrences of T. Therefore there is 
no edd for Se(P j\ Q). The case for Se(P V Q) is symmetric. □ 

At this point we have the tools necessary to invert SE on *-tcrms, at least down to the level 
of £-terms. We can easily detect if a tree in the image of SE is in the image of P , because 
all leaves to the left of the root are one truth value, while all the leaves to the right are the 
other. To invert SE on T-*-terms we still need to be able to reconstruct Se(P t ) and Se(Q*) from 
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Se(P t J\ Q*). To this end we define a T-*-decomposition, as with cds and dds we first define a 
candidate T-*-decomposition. 

Definition 3.14. The pair (Y, Z) e 7n x T is a candidate T decomposition (ctsd) of X e 

T, if X = Y[D Z], Y does not contain T or F and there is no decomposition (U, V) e Tu x T 
of Z such that 

• Z = f/[D4 V], 

• ?7 contains 

• £7 ^ □, and 

• [/ contains neither T nor F. 

Unlike with FEL, this is not the decomposition we seek in this case. Consider for example 
that there is a T-term with the following semantics: 



a 




c d c d 

/ \ / \ / \ / \ 
TTTTTTTT 

Let P T be the T-term with these semantics and observe that Se(P t </\ Q*) has a ctsd 

(□ < a > □, (se(Q*) < c > se(Q*)) < o > (se(Q*) < d > se(Q*))). 

But the decomposition we seek is (se(P t )[T i-> □],se(Q*). Hence we will refine this definition 
to aid in the theorem below. 

Definition 3.15. The pair (Y, Z) e T\j x T is a T-*- decomposition (tsd) of X € T, if it is 

a ctsd of X and there is no other ctsd (Y' , Z 1 ) of X where the depth of Z 1 is smaller than that 
ofZ. 

Theorem 3.16. For any T-term P and *-term Q the (unique) tsd of Se(P J\ Q) is 

(SE(P)[T .->□], SE(Q)). 

Proof. First we observe that (se(P)[T i-> □],se(Q)) is a ctsd because by definition of SE on J\ 
we have Se(P)[T i-> SE(Q)] = Se(P ( /\ Q) and SE(Q) is non-decomposable by Lemma 3.10. 

Suppose for contradiction that there is ctsd (Y, Z) such that the depth of Z is smaller than 
that of SE(Q). Now Z must contain or be contained in Se(Q) for otherwise Y would contain T 
or F, i.e., the ones we know SE(Q) has by Lemma 3.9. Clearly the former cannot be the case, for 
then Z would have a greater depth than Se(Q). So the latter is the case and Se(Q) = U[D i-> Z] 
for some U e Tu that is not equal to □ and does not contain T or F (because then Y would too). 
But this violates Lemma 3.10, which states that no such decomposition exists. □ 

3.3 Completeness 

With the two theorems from the previous section, we can prove completeness for FSCL SE . We 
define three auxiliary functions to aid in our definition of the inverse of SE on SNF. Let cd : T — > 
Tu x T be the function that returns the conjunction decomposition of its argument, dd of the 
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same type its disjunction decomposition and tsd, also of the same type, its T-*-decomposition. 
Naturally, these functions are undefined when their argument does not have a decomposition 
of the specified type. Each of these functions returns a pair and we will use cdi (ddi, tsdi) to 
denote the first element of this pair and cd 2 (dd 2 , tsd 2 ) to denote the second element. 

We define g : T — > ST using the functions g T : T —¥ ST for inverting trees in the image of 
T-terms and g F , g l and g* of the same type for inverting trees in the image of F-terms, £-terms 
and *-terms, respectively. These functions are defined as follows. 



9 J (X) 



g F (x) 



9 £ (X) 



9*(X) 



g(x) 



I T if X = T 

[(aJ\g T (Y)) V 3 T (Z) itX = Y<a\>Z 

fF ifX = F 

[(a^ g F (Z))j\g F (Y) itX = Y<a\>Z 

'(aJ\g J (Y)) V g F (Z) if X = Y < a > Z for some a e A 

and Y only has T-leaves 
(^a J\ g T {Z)) V g F {Y) if X = Y < a > Z for some a e A 
and Z only has T-leaves 

S*(cdipOp ^ T]) ^ ff *(cd 2 (X)) if X has a cd 
ff*(ddi(X)p i—> F]) V ff *(dd 2 (X)) if X has a dd 
g (X) otherwise 

g T (X) if X has only T-leaves 

<? F (X) if X has only F-leaves 

k g T (tsdi (X) [□ !->• T] ) ^ (tsd 2 (X) ) otherwise 



(3.35) 
(3.36) 

(3.37) 

(3.38) 
(3.39) 



Theorem 3.17. For all P e SNF ; ff(SE(P)) = P. 

The proof for this theorem can be found in Appendix B.2. For the sake of completeness, we 
separately state the completeness result below. 

Theorem 3.18. For all P, Q e ST, i/FSCL SE N P = Q then EqFSCL h P = Q. 

Proof. It suffices to show that for P, Q e SNF, SE(P) = Se(Q) implies P = Q. To see this 
suppose that P' and Q' are two SCL-terms and Se(P') = Se(Q'). We know that P' is derivably 
equal to an SNF-term P, i.e., EqFSCL h P' = P, and that Q' is derivably equal to an SNF-term 
Q, i.e., EqFSCL h Q' = Q. Theorem 3.5 then gives us Se(P') = Se(P) and se(Q') = Se(Q). 
Hence by the result P = Q and in particular EqFSCL h P = Q. Transitivity then gives us 
EqFSCL h P' = Q' as desired. 

The result follows immediately from Theorem 3.17. □ 

In Section 4.2 we use this result to prove that FSCL SE is equivalent to FSCL as it is defined 
by Bergstra and Ponse in [BPlOb]. 
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CHAPTER 4 



Relating FFEL to FSCL and 
Proposition Algebra 



This chapter is concerned with explaining the connection between FFEL and FSCL, a connection 
we formalize in the setting of Proposition Algebra. Because the main results of this thesis were 
not presented in this setting, we will forgo a detailed introduction to Proposition Algebra. Instead 
we refer the reader to [BP11] for a proper introduction to Proposition Algebra and to [BPlOb] 
and [BP12] for an introduction to FSCL as it is defined in terms of Proposition Algebra. We will 
however, very briefly, fix some core concepts and notation from this setting. 

In [BP 11] Bergstra and Ponse introduce Proposition Algebra for reasoning about the sequen- 
tial evaluation of propositional terms using the ternary connective y < x > z, to be read as 'if x 
then y else z' and called 'Hoare's conditional operator', defined in [Hoa85]. The terms under 
consideration can be described in Backus-Naur Form, letting A be a countable set of atoms, by 

P E CT ::= a E A | T | F | P < P > P. 

The equality of two of these terms is defined by the set of axioms CP, for 'Conditional Proposi- 
tions': 



x<\l>y = x (CP1) 

x < F > y = y (CP2) 

T < x > F = x (CP3) 

x < (y < z > u) > v = (x <y > v) < z> (x <u> v). (CP4) 



When the equality of two terms s and t in CT, possibly containing variables, can be derived from 
equational logic and (CP1)-(CP4), we denote this by CP hs = t. Bergstra and Ponse extend 
Proposition Algebra with negation and the short-circuit connectives J\ and V to obtain the set 
CT S of closed terms, where we see that ST C CT S . They extend CP with the following defining 
equations for the newly introduced connectives. 

-^x = F < x > T (4.1) 
x cA V = V <xt>F (4.2) 
xV y = T <x>y (4.3) 
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Let CP S denote CP together with these defining equations. If the equality of two terms s and t in 
CT S , possibly containing variables, can be derived from equational logic and CP S , we denote this 
by CP S h s = t. Free Short-Circuit Logic (FSCL) is then defined as follows. For all P, Q <= ST, 

FSCLh P = Q <^=> CP s h P = Q. 

We will show in Section 4.1 that FFEL can also be expressed in terms of Proposition Algebra 
with an extended signature, by adding defining equations for the full left-sequential connectives 
to CP. In Section 4.2 we will prove that FSCL SE , as we defined it in Chapter 3, is equivalent to 
FSCL. Finally in Section 4.3 we will prove that FFEL is a sublogic of FSCL by showing that its 
connectives are definable in FSCL, which will allow us to define a general left-sequential logic. 

4.1 Relating FFEL to Proposition Algebra 

To relate FFEL to Proposition Algebra, we first add negation, /\ and V to the signature of 
Proposition Algebra, to obtain the set CT/ of closed terms, where we note that FT C CT/. 
We then extend the set of equations CP with the following defining equations for the full left- 
sequential connectives. 

^x = F<xt>T (4.4) 
x/\y — y<x>(F<y>F) (4.5) 
x\y = (T<yt>T)<x>y (4.6) 

Let CP/ denote CP together with these three equations. When two terms s,t G CT/, possibly 
containing variables, are derivable by equational logic and CP/ we denote this by CP/ h s = t. 

Our goal is to prove that FFEL can also be characterized by CP/, i.e., we will show that for 
all P, Q e FT, 

FFEL N P = Q CP/ h P = Q. 

To this end we first define the function CE : CT — > T that will interpret CT-terms in T. We will 
then extend this definition to CE / : CT / — > T. 

With the informal semantics of 'if x then y else z 1 in mind for terms of the form y < x > z, 
defining CE becomes straightforward. 

Definition 4.1. Let A be a countable set of atoms and let T be the set all finite binary trees over 
A with leaves in {T, F}. We define the unary Conditional Evaluation function CE : CT — > T 
as: 

ce(T) = T 
ce(F) = F 

CE (a) = T < a > F for a e A 

CE{Q<Pt>R) = ce(P)[T^ ce(Q),F ce(P)] 

We observe that CE [CT] = T. We extend this definition to CE / : CT/ -> T by adding the 
following clauses to the definition. 

ce/(-.P) = ce/(P)[T h F, F h> T] 
ce/(P J\ Q) = ce /(P)[T i— > ce/(Q), F i— > ce /(Q)[T ^ F]] 
ce/(P V Q) = ce/(P)[T h> ce /(Q)[F i-> T], F i-> ce f (Q)} 

It is now trivial to see that CE / restricted to FEL-terms is equal to fe . 
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Theorem 4.2. For all P,Q e FT, 



FFEL NP = Q ^ CP/ \- P = Q. 

Proof. First we show that FFEL \= P = Q implies that CP/ hP = Q. If FFEL N P = Q, then 
fe(P) = fe(Q) and by Theorem 2.17 EqFFEL \- P = Q. It suffices to prove that EqFFEL is 
sound with respect to CP/. It is immediate that identity, symmetry, transitivity and congruence 
are sound and checking that (FELI)-(FELIO) are valid is cumbersome, but not difficult. As an 
example we show this for (FEL8): 

P^F = F<]P>(F<Fi>F) by (4.5) 

= (F<]F>(F<]Fi>F))<P>F by (CP2) 

= (F < F > (F < F > F)) < P > (F < T > (F < F > F)) by (CP1) 

= F < (F < P > T) > (F < F > F) by (CP4) 

= ~^P J\ F by (4.5) and (4.4) 

Given this soundness, FFEL \= P = Q implies CP/ \- P — Q. 

Next we show that CP/ h P = Q implies FFEL t= P = Q. Because CE / restricted to FT 
equals fe, it suffices to show that CP/ is sound with respect to CE/-equality, i.e., that for all 
R, S e CT/, CP/ h R = S implies CE f(R) = CE/(S). This proof is also trivial. As an example 
we show this for (CP2) as follows: 

CE f (R <\F> S) = CE/(F)[T H- CE f (R), F i y CE f (S)} 
= F[T i-> ce f(R), F i-> CE/(S)] 
= ce / (S), 

and for (4.5) as 

CE/(i? j\S) = CE/(i?)[T ^ ce f (S), F ^ CE/(S*)[T i y F]] 

= CE/(P)[T ^ CE f (S), F k> CE/(5)[T h> F, F h> F]] 
= ce f (R)[T i y ce f(S), F i— > ce /(F < 5 > F)] 

= ce / (5<P>(F<S'>F)). □ 

Given the definition of FSCL, the reason for defining FFEL in terms of evaluation trees 
rather than by using Proposition Algebra deserves some clarification. We feel that this makes 
our completeness proof more straightforward than it would have been had we defined FFEL in 
terms of Proposition Algebra. Although CT-terms are easily interpreted as trees, we would have 
had to use a basic form for CT-terms, such as [BP11, Definition 3.1], to perform our analysis as 
done in Section 2.2. In fact our function CE converts CT-terms to such basic forms if we read 
'<' as '<' and '>' as '>', thus explaining our choice of notation for trees. We have taken the 
notation y < x > z from the setting of Thread Algebra, see, e.g., [PVdZ06], where it is used to 
denote the post-conditional composition of threads. 



4.2 EqFSCL axiomatizes FSCL 

It has been an open question since FSCL was first defined in [BPlOb] whether or not EqFSCL, 
or an equivalent set of equations such as the one presented in [BPlOb] itself, axiomatizes FSCL. 
Given Theorem 3.18 it now suffices to show that FSCL SE is equivalent to FSCL, which we shall 
prove analogous to how we proved the theorem in the previous section. 
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We define the function CE S : CT S — > T that interprets CT s -terms as evaluation trees by 
extending the definition of CE with the following clauses. 

ce s (^P) = ce s (P)[T h> F, F h> T] 

GE S (P J\Q) = CE S (P)[T h> CE S (Q)] 
CE S (P V Q) = CE S (P)[F ^ CE S (Q)] 

It is now trivial to see that CE s restricted to SCL-terms is equal to SE . 

Theorem 4.3. For all P,Q e ST, 

FSCL SE NF = Q ^ FSCL N P = Q. 

Proof. If FSCL SE \= P = Q, then by Theorem 3.18 we have EqFSCL h P = Q. So it suffices 
to show that EqFSCL is sound with respect to CP S , i.e., that EqFSCL h P = Q implies 
CP S h P = Q. This proof can be found in [BPlOb]. 

For the other direction we must show that if CP S \- P — Q, then FSCL SE \= P = Q. Because 
CE S restricted to ST equals SE, it suffices to show that CP S is sound with respect to CE s -equality, 
i.e., that for all R, S e CT S , CP S h R = S implies CE S (R) = CE S (S). This is again a trivial 
proof. For example, we show it for (CP3) as follows: 

ce s (T<iPi> F) = ce s (P)[T i-> CEg(T), F ce s (F)] 
= CE s (iJ)[T^T,F^ F] 

= ce s (P), 

and for (4.3) as 

CE S (P V S) = CE S (P)[F ^ CE S {S)] 

= ce s (R)[T h- > T, F h- > ce s (S*)] 

= ce s (T <R> S). □ 

The reader may wonder why in this thesis we presented the completeness of EqFSCL with 
respect to FSCL SE rather than FSCL. The reason for this is that the author discovered the 
result after proving the completeness of EqFFEL with respect to FFEL, and this presentation 
emphasizes the similarities and differences of that proof with the proof for FSCL. 



4.3 FFEL is a sublogic of FSCL 

When we consider a simple FEL-term such as a J\ b and picture fe(o J\ b), we see that we can 
reconstruct the normal form of the original term as T /\ ((aj\ T) /\ (bj\ T)). However, we can also 
reconstruct this tree as ((aj\ T) V ((6 V F) J\ F)) </\ (\bj\ T) V F)). We will indeed show that 
for any FEL-term P there is an SCL-tcrm Q such that fe(P) = Se(Q). To this end we define a 
translation function h, which translates FEL-terms to SCL-terms with the same evaluation tree 
semantics as follows. 

h(T) = T (4.7) 
h(F) = F (4.8) 
h(a) = a (4.9) 
h(^P) = -nh(P) (4.10) 
HP J\Q) = (h(P) V (h(Q) J\ F)) J\ h(Q) (4.11) 
h(P V Q) = (h(P) J\ (h(Q) V T)) V h(Q) (4.12) 
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We immediately turn to the proof that h has the desired property. 

Theorem 4.4. FFEL is a sublogic o/FSCL, i.e., for all P,Q e FT, 

FFEL \= P = Q => FSCL 1= h(P) = h(Q). 

Proof. It suffices by Theorem 4.3 to show that for any FEL-term P, fe(P) = SE(/i(P)), which 
we shall do by induction on P. The base cases are trivial. For the induction we have 

fe(PJ\Q) = fe(P)[T fe (Q), F i— > fe(Q)[T F]] 

= SE(/j(P))[T i-» SE(/i(<5)), F i-» se(/i(Q))[T i-» F]] by induction hypothesis 
= se(/i(P))[F sE(/i(Q))[T ^ F]][T ^ se(/i(Q))] 
= se((/i(P) V </\ F)) </\ h(Q)) 

= SE(h(Pj\Q)), 

where the third equality follows from the fact that Se(/i(Q))[T F] does not contain T. The 
case for P V Q is similar. □ 

Let us consider the translation of FEL-terms in P T . In the base case we have that h(T) = T 
and in the inductive case we have h(a V P) = (a ^ (h(P) V T)) V /i(P). By Lemma B.l and 
the induction hypothesis this is equal to (a </\ h(P)) V /i(P). In other words, FEL-terms in P T 
are equivalent to SCL-terms in P T . Similarly, FEL-terms in P F are translated to SCL-terms in 
P F . In both cases they are equivalent with T-terms (F-terms) P for which the paths of Se(P) 
all contain the same atoms in the same order. 

In Chapter 1 we promised to define a general left-sequential logic, i.e., a logic for reasoning 
about propositional terms that contain both short-circuit left-sequential connectives and full 
left-sequential connectives. We can now easily define such a logic by adding the following two 
equations to EqFSCL: 

x J\ y = (x V (y J\ F)) J\ y and x V y = (x J\ (y V T)) V y. 

By the results from Chapter 3 and this chapter, it is immediate that this set of equations 
axiomatizes a (free) general left-sequential logic. Naturally, we could also express this logic in 
terms of Proposition Algebra by adding both types of connectives to its signature and considering 
CP together with (4.1)-(4.3), (4.5) and (4.6). Without making any assumptions about the side 
effects that atoms may have, this logic can be used to reason about propositional terms in 
programming languages which offer both types of connectives, such as Java. 

In the next chapter we will discuss our motivations for examining FEL separately from SCL. 
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CHAPTER 5 



Conclusion and Outlook 



The evaluation strategy prescribed by a propositional-based logic is key to determining the 
semantics of propositional terms as they are used in programming languages to direct the flow of a 
program. For any such evaluation strategy to be of use to programmers, it must be deterministic. 
For suppose otherwise, then two evaluations of the same term in the same execution environment 
could yield different results and such a system can hardly be called a logic. Given that these 
evaluation strategies must be deterministic, we are left with considering sequential evaluation 
strategies and parallel evaluation strategies. 

We have not found any programming language that uses a parallel evaluation strategy when 
dealing with propositional terms for program flow control. The likely reason being that to truly 
evaluate several subterms in parallel, the state of the entire execution environment prior to 
the start of the evaluation must be copied so that each subterm can be evaluated in the same 
environment. This would likely cause the evaluation to be slowed down to such an extent as 
to render it useless in practice. The 'merging' of multiple copies of the environment after the 
subterms have been evaluated would also be a highly non-trivial exercise. Perhaps in the setting of 
Quantum Computing we can imagine an evaluation in superposition resulting in a superposition 
of environments, but it is not at all clear how we should interpret the superposition of the yields 
of the individual atoms. 

Therefore we focus on sequential evaluation strategies, which are widely used in programming 
languages. We focus entirely on left-sequential evaluation strategies, since most programming 
languages read from left to right. We have examined both short-circuit evaluation strategies, 
in the form of FSCL SE , and full evaluation strategies, in the form of FFEL. Both induce right- 
sequential evaluation strategies. For example, for FEL we could introduce the symbols ' /\' for 
full right-sequential conjunction and ' V*' for full right-sequential disjunction. The equations in 
EqFFEL could then easily be rewritten to accommodate the new direction, e.g., (FEL9) would 
become y V* (F \x) = y \ (T V* x). For examining a setting with both left-sequential and 
right-sequential connectives, we would naturally define the right-sequential connectives in terms 
of their left-sequential counterparts. 

In ordinary propositional logic no particular evaluation strategy is prescribed. SAT-solvers 
make eager use of this freedom and often employ complex evaluation strategies that go far 
beyond simple left-sequential evaluation. See, e.g., [GPFW96] for a survey of some of the different 
algorithms used for satisfiability solving. We emphasize that SAT-solvers deal with propositional 
terms whose atoms do not have side effects. Both FFEL and FSCL SE are designed to deal with 
atoms that do have side effects, to which can be contributed much of the complexity of these 
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logics. 

As promised in Chapter 1 we return to our claim about the applicability of left-sequential 
logics for reasoning about side effects. The yield of any occurrence of an atom seiin some 
term P can be influenced by the side effects of the atoms that precede the occurrence of a in 
P as well as the state of the execution environment in which P is evaluated. If an atom a g A 
does not have a side effect, then it always behaves either as the constant T or as the constant F 
depending on the atoms that were evaluated before it and the state of the execution environment. 
For a g A and P g ST let [T/a]P denote the term which results from replacing each occurrence 
of a in P by T. Similarly, let [F/a]P be the term that results from replacing each occurrence of 
a in P with F. Let y e be the function that returns the boolean yield of an SCL-term when it is 
evaluated in execution environment e. An atom a g A has a side effect if there is some execution 
environment e and there are P, Q g ST with y e (P) — y e {Q) such that either 

y e ([T/a]P) ? y e ([T/a]Q or y e ([F/a]P) ± y e ([F/a]Q). 

As an example consider atoms a and b and suppose that a side effect of a is that any evaluation 
of b that follows it will yield T. Also suppose that if b were not preceded by a it would yield 
F. To make this concrete we could imagine a being a method that sets some global variable 
in the execution environment and always yields T. We could then see b as being a method 
that checks whether that variable has been set, in which case it yields T, or not, in which case 
it yields F. Letting e be some execution environment where the global variable is not set, or 
alternatively the empty execution environment, we see that y e (a J\ b) = T = y e {->b) and that 
2/e(T J\ b) = F 7^ y e (-^b). Hence a has a side effect by our definition. 

This opens the door to more involved reasoning <. ibout side effects. The example above hints 
at the possibility of defining what it means for an atom to be 'impacted' by the side effect of a 
single other atom. We could, for example, restrict our attention to P, Q g ST containing only a 
and some other atom b. If there is an environment e and there are P,Q g ST that contain only a 
and b such that y e {P) = y e (Q), but y e ([Y/a]P) ^ y e ([T/a]Q or y e ([F/a]P) ^ y e ([F/a]<3, then we 
know that b is impacted by a side effect of a. Another interesting definition would be that of a 
'positive side effect'. In that case we could say that an atom a has a positive side effect if there is 
some environment e and some P, Q g ST such that y e (P) = y e {Q), but y e ([T/a]P) ^ y e ([T/a]Q). 

With this definition of a side effect we see that FEL, unlike PL, preserves side effects in the 
sense that FFEL N P = Q implies FFEL N [T/a]P = [T/a]Q and FFEL N [F/a]P = [F/a]Q for 
all P, Q g FT and all a g A. The same goes for SCL. Thus, if we adopt our proposed definition 
of side effects, both FEL and SCL can be used to reason about propositional expressions with 
atoms that may have side effects. 

For defining and reasoning about side effects as we have done above we need constants for 
our truth values. The constants T and F are not definable in SCL and FEL, except in terms 
of one another. This is unlike PL, where the law of excluded middle allows one to define T in 
terms of negation and disjunction, naturally assuming we have at least one atom at our disposal. 
The constant F can then be defined in terms of T or by the law of non-contradiction. With SCL 
and FEL we cannot exclude the possibility that every atom has a side effect that causes any 
subsequent evaluation of that same atom to yield the opposite truth value. Hence neither the 
law of excluded middle nor the law of non-contradiction arc valid in SCL or FEL. 

We now turn to the question of the usefulness of FEL. As mentioned in Chapter 1 we 
find that some programming languages offer full left-sequential connectives, which motivates the 
initial investigation of FEL. We claim that FEL has a greater value than merely to act as means 
of writing certain SCL terms using fewer symbols. The usefulness of a full evaluation strategy 
lies in the increased predictability of the state of the environment after a (sub)term has been 
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evaluated. In particular, we know that the side effects of all the atoms in the term have occurred. 
Naturally we leave errors and error values out of this discussion. 

SCL is characterized by its efficiency, in the sense that atoms are not evaluated if their yield 
is not needed to determine the yield of a term as a whole. From that perspective FEL might 
seem rather inefficient, but this is not necessarily so. To determine the state of the environment 
after the evaluation of a FEL term in a given environment, we need only compute how each 
atom in the term transforms the environment. It is not necessary to compute the yield of any 
of the atoms. With SCL terms in general we must know what the first atom yields in order to 
determine which atom is next to transform the environment. Thus to compute the state of the 
environment after the evaluation of an SCL term we must compute the yield of each atom that 
transforms the environment and we must compute the transformation of the environment for 
each atom that affects it. Consider the SCL-term 

((«M^F))^\F)Vc 

and note that to compute its yield we must first compute the yield of a to determine whether or 
not b is short-circuited. Consider atoms a and b that have no side effects, and hence do not affect 
the environment. If computing the yield of a is computationally very demanding, the FEL-term 

((aV {bj\ F)) J\ F) V c 

can be evaluated more quickly, because it is not necessary to compute the yield of a. 

In [BPlOb] several variants of SCL are defined in addition to FSCL. In this thesis we have 
only defined one variant of FEL, i.e., FFEL. An important variant of SCL is Memorizing Short- 
Circuit Logic, MSCL, which is defined in the same way as FSCL, but adding the following axiom 
to CP: 

x <\y > (z <u> (v <y > w)) = x <y > (z < ut> w) (CPmem) 

As we can see from (CPmem), once an atom has been evaluated all subsequent evaluations of 
the same atom will yield the same truth value. An example of such a 'memorizing' atom in 
programming might be a call to a memoizing function 1 with a fixed argument. Naturally we 
could define Memorizing Fully Evaluated Left-Sequential Logic, MFEL, in a similar fashion. 
Given our evaluation tree semantics however, we can also define a 'post-processing' on our trees 
instead. We simply take the fe image of a term and recursively walk down the tree. Whenever 
we encounter X < a > Y in a left subtree of an a, we replace it by X < a > X. Similarly, we 
replace it by Y < a > Y if we are in the right subtree of an a. 

Another variant of SCL is Static SCL, SSCL, which is defined in [BPlOb] in the same way as 
FSCL, but adding (CPmem) and the following equation to CP. 

F < x > F = F 

This equation implies that xj\ F = F, and more generally, xj\y = yj\x. As shown in [BPlOb], this 
variant is the same as PL, except that a particular evaluation strategy is prescribed. Naturally we 
could define Static FEL, SFEL, similarly. We believe that the most elegant method of defining 
variants, other than the free variants, for FEL and SCL is by means of Proposition Algebra. 
We believe that evaluation trees offer a didactically interesting alternative definition for the free 
variants, because they offer a straightforward semantics just for the left-sequential connectives. 

When considering these and other variants of FEL and SCL it is useful to consider what these 
logics express in terms of the properties of atoms. Any atom in MFEL (or MSCL) is memorizing 

: A memoizing function is a function which maintains a cache of function values for arguments it has pre- 
viously been called with. See, e.g., http://en.wikipedia.org/wiki/Memoization for a detailed description of 
memoization. 
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in the sense that its yield becomes constant after it is first evaluated. The atoms in SFEL (or 
SSCL) have no side effects according to our definition. For practical applications of the theory of 
left-sequential logics it may be useful to partition the set A of atoms into sets of atoms possessing 
certain of these properties. A compound logic, geared towards the optimization of propositional 
statements in programming, could then be defined. In such a logic, for example, we would have 
x J\ F = F for any atom in the 'static' partition of A. The potential for optimization, i.e., 
evaluating as few atoms as possible to compute the yield of a term, becomes even greater when 
we consider the variants of Contractive SCL and Repetition-Proof SCL, see [BPlOb]. 

In [RcglO] Regcnboog showed that CP is w-complete if and only if, for A a countable set of 
atoms, \ A\ > 1. For an axiomatization of Static CP which is interderivable with the one presented 
above he showed w-completeness for any countable set of atoms. He also showed that the axioms 
in CP and several axiomatizations extending it arc independent. We have shown neither in- 
completeness nor independence for EqFFEL, although we would consider such theorems valuable 
future work. It is also an open question whether EqFSCL is ^-complete or independent. The set 
EqFSCL as presented in [BPlOb] and [BP12] is a different set from the one we have introduced 
in Chapter 3, although they are interderivable. The set we presented came about in consultation 
with the authors of the original definition. Because the set EqFSCL is somewhat 'in flux' in 
this sense, and to a lesser degree because its independence and w-completeness are still open 
questions, we have refrained from referring to the equations in EqFSCL as axioms. Similarly 
our definition of EqFFEL differs slightly from that in [Bloll], hence we do not refer to those 
equations as axioms either. Formal definitions of variants of FEL other than FFEL and a 
comparative analysis of these and the corresponding variants of SCL we also consider a great 
avenue for further study. 
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APPENDIX A 



Proofs for FFEL 



A.l Correctness of / 

To prove that / : FT — > FNF is indeed a normalization function we need to prove that for 
all FEL-tcrms P, f(P) terminates, f(P) <= FNF and EqFFEL h f(P) = P. To arrive at this 
result, we prove several intermediate results about the functions /" and f c , roughly in the order 
in which their definitions were presented in Section 2.1. For the sake of brevity we will not 
explicitly prove that these functions terminate. To see that each function terminates consider 
that a termination proof would closely mimic the proof structure of the lemmas dealing with the 
grammatical categories of the images of these functions. 

Lemma A.l. For any P f and P T , EqFFEL h P F = _P F J\ F and EqFFEL h P T = P T V T. 

Proof. We prove both claims simultaneously by induction. In the base case we have F = T J\ F 
by (FEL5), which is equal to F J\ F by (FEL8) and (FEL1). The base case for the second claim 
follows from that for the first claim by duality. 

For the induction we have aJ\P F = a/\ (P F J\ F) by the induction hypothesis and the result 
follows from (FEL4). For the second claim we again appeal to duality. □ 

Lemma A. 2. The following equations can be derived by equational logic and EqFFEL. 



1. x J\ (y J\ {z J\ F)) - (x V y) J\ (z J\ F) 

2. ~^xj\ {y V T) = n(^( y VT)) 
Proof. 



x (V (z J\ F)) = x J\ ((-■!/ J\ z) J\ F) 



by (FEL4) and 2.4 (1) 
by (FEL4) and 2.4 (1) 
by Lemma 2.4 (1) 



= hxj\^y) /\ (z /\ F) 
= -<(-<x^->y) J\ {zj\ F) 
= (x V y) J\ (z J\ F) 



by (FEL2) 
by (FEL10) 



ni^(i/VT) = ->x V (y J\ F) 



= -i(a; J\ ->(y J\ F)) 
= -i(a; J\ -i(-iy J\ ->T)) 
= ^(xJ\(y\T)) 



by (FEL2) and (FEL3) 
by (FEL8) and (FEL1) 
by (FEL2) 



□ 
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Lemma A. 3. For all P E FNF, if P is a T-term then f n (P) is an F-term, if it is an F-term 
then f n (P) is a T-term, if it is a T-*-term then so is f n (P), and 

EqFFEL h f n {P) = ->P. 

Proof. We start with proving the claims for T-tcrms, by induction on P T . In the base case 
/™(T) = F. It is immediate that /™(T) is an F-tcrm. The claim that EqFFEL h f n (T) = is 
immediate by (FEL1). For the inductive case we have that f n {a V P T ) = a/\ f n (P T ), where we 
may assume that f n (P T ) is an F-term and that EqFFEL h f n (P T ) = ^P T . The grammatical 
claim now follows immediately from the induction hypothesis. Furthermore, noting that by the 
induction hypothesis we may assume that f n (P T ) is an F-term, we have: 

/" (a V P T ) = a J\ f n (P T ) by definition 

= a J\ (f n (P T ) J\ F) by Lemma A.l 

= ^aj\ (/"(P T ) J\ F) by Lemma 2.4 (1) 

= ^aj\ f n (P T ) by Lemma A.l 

= /\ ~^P T by induction hypothesis 

= n( 8 VP T ). by (FEL3) and (FEL2) 

For F-terms we prove our claims by induction on P F . In the base case f n (F) = T. It is 
immediate that /"(F) is a T-term. The claim that EqFFEL h /™(F) = ^F is immediate by the 
dual of (FEL1). For the inductive case we have that f n (a J\ P F ) = a V f n (P F ), where we may 
assume that f n (P F ) is a T-term and EqFFEL h f n (P F ) = ~^P F . It follows immediately from the 
induction hypothesis that f n (a /\ P F ) is a T-term. Furthermore, noting that by the induction 
hypothesis we may assume that f n (P F ) is a T-term, we prove the remaining claim as follows: 

f n (a J\P F ) = a\ f n {P F ) by definition 

= a V (f n (P F ) V T) by Lemma A.l 

= -a V (P(P F ) V T) by the dual of Lemma 2.4 (1) 

= -a V f n {P F ) by Lemma A.l 

= ^aV -nP F by induction hypothesis 

= -n(a J\ P F ). by (FEL3) and (FEL2) 

To prove the lemma for T-*-terms we first verify that the auxiliary function /" returns a 
*-term and that for any *-term P, EqFFEL h f{ l (P) = ->P. We show this by induction on the 
number of £-terms in P. For the base cases, i.e., for €-terms, it is immediate that fi(P) is a 
*-term. If P is an ^-term with a positive determinative atom we have: 

/?(a J\ P T ) = ^a/\P T by definition 

= ^a/\ (P T V T) by Lemma A.l 

= n(a^(P T VT)) by Lemma A.2 (2) 

= -i(a J\ P T ). by Lemma A.l 

If P is an ^-term with a negative determinative atom the proof proceeds the same, substituting 
—>a for a and applying (FEL3) where needed. For the inductive step we assume that the result 
holds for *-terms with fewer ^-terms than P* J\Q d and P*\ Q c . We note that each application of 
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/" changes the main connective (not occurring inside an £-term) and hence the result is a *-term. 
Derivable equality is, given the induction hypothesis, an instance of (the dual of) (FEL2). 

With this result we can now see that f n (P T J\ Q*) is indeed a T-*-term. Furthermore we 
find that: 

f n (P T J\ Q*) = P T J\ fi(Q*) by definition 

= P T J\ -^Q* as shown above 

= (P T VT)/\ -nQ* by Lemma A.l 

= -(P T V T) V -.Q* by Lemma 2.4 (2) 

= ~^P T V -^Q* by Lemma A.l 

= ^(P T J\Q1- by (FEL2) and (FEL3) 

Hence for all P e FNF, EqFFEL h f n (P) = ->P. □ 

Lemma A. 4. For any J -term P and Q € FNF, f°(P, Q) has the same grammatical category as 
Q and 

EqFFEL h f c (P, Q) = P /\ Q- 

Proof. By induction on the complexity of the first argument. In the base case we see that 
f c (T,P) = P and hence has the same grammatical category as P. Derivable equality follows 
from (FEL5). 

For the induction step we make a case distinction on the grammatical category of the second 
argument. If the second argument is a T-term we have that f c (a V P T , Q T ) = a V f c (P T , Q T ) 1 
where we assume that f c (P T 1 Q T ) is a T-tcrm and EqFFEL h / C (P T ,Q T ) = P T J\ Q T . The 
grammatical claim follows immediately from the induction hypothesis. The claim about derivable 
equality is proved as follows: 

f c (a V P T , Q T ) = a V f c (P T , Q T ) by definition 

= a V (P T /\ Q T ) by induction hypothesis 

= a V (P T J\ (Q T V T)) by Lemma A.l 

= (a V P T ) J\ (Q T V T) by Lemma 2.4 (3) 

= (a V P T ) J\ Q T . by Lemma A.l 

If the second argument is an F-term we assume that f c (P T ,Q F ) is an F-term and that 
EqFFEL h f c (P T ,Q F ) = P T /\ Q F ■ The grammatical claim follows immediately from the 
induction hypothesis. Derivable equality is proved as follows: 

f c (a V P T , Q F ) = a/\ f c {P T , Q F ) by definition 

= a J\ (P T J\ Q F ) by induction hypothesis 

= a/\(P T /\ (Q F J\ F)) by Lemma A.l 

= (a V P T ) /\ (Q F J\ F) by Lemma A.2 (1) 

= (a V P T ) J\ Q F . by Lemma A.l 



Finally, if the second argument is a T-*-term then f c (a\ P 1 ', Q T /\R*) = f°{a\ P T , Q T )/\R*. 
The fact that this is a T-*-term follows from the fact that f c (a V P T ,Q T ) is a T-term as was 
shown above. Derivable equality follows from the case where the second argument is a T-term 
and (FEL4). □ 
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Lemma A. 5. For any T-*-term P and F-term Q, f c (P 1 Q) is an F-term and 



EqFFEL h f c (P, Q)=P^Q. 

Proof. By (FEL4) and Lemma A. 4 it suffices to show that f%{P* ,Q F ) is an F-term and that 
EqFFEL h /|(P*,Q F ) = P* J\ Q F ■ We prove this by induction on the number of £-tcrms in 
P*. In the base cases, i.e., £-terms, the grammatical claims follow from Lemma A. 4. The claim 
about derivable equality in the case of €-terms with positive determinative atoms follows from 
Lemma A. 4 and (FEL4). For £-terms with negative determinative atoms it follows from Lemma 
A.4, Lemma A.l, (FEL7), (FEL4) and (FEL8). 

For the induction step we assume the claims hold for any *-terms with fewer ^-terms than 
P*/\Q d and P*\Q C . In the case of conjunctions we have f%(P*/\Q d , R F ) = / 2 C (P*, f%{Q d , R F )) 
and the grammatical claim follows from the induction hypothesis (applied twice). Derivable 
equality follows from the induction hypothesis and (FEL4). 

For disjunctions we have /|(P* V Q C ,R F ) = f£{P* , f£(Q c , R F )) and the grammatical claim 
follows from the induction hypothesis (applied twice). The claim about derivable equality is 
proved as follows: 

fi(P* V Q c , R F ) = f£(P*,f c 2 {Q c , R F )) by definition 

= P* J\ (Q c J\ R F ) by induction hypothesis 

= P* J\ (Q c J\ (R F J\ F)) by Lemma A.l 

= (P* V Q c ) J\ (R F J\ F) by Lemma A.2 (1) 

= (P* V Q c ) J\ R F . by Lemma A.l □ 

Lemma A. 6. For any F-term P and Q e FNF ; f c (P,Q) is an F-term and 

EqFFEL h f c {P,Q) =Pj\Q. 

Proof. We make a case distinction on the grammatical category of the second argument. If the 
second argument is a T-term we proceed by induction on the first argument. In the base case we 
have f c (F,P T ) = f n (P T ) and the result is by Lemma A.3, Lemma A.l, (FEL7) and (FEL8). In 
the inductive case we have f c (a /\ P F , Q T ) = a /\ f c (P F , Q T ), where we assume that f c (P F , Q T ) 
is an F-term and EqFFEL h f c (P F , Q T ) — P F /\ Q T . The result now follows from the induction 
hypothesis and (FEL4). 

If the second argument is an F-term the proof is almost the same, except that we need not 
invoke Lemma A.3 or (FEL8) in the base case. 

Finally, if the second argument is a T-*-term we again proceed by induction on the first 
argument. In the base case we have / C (F,P T /\ Q*) = f c (P T J\ Q* , F). The grammatical claim 
now follows from Lemma A. 5 and derivable equality follows from Lemma A. 5 and (FEL7). For 
for the inductive case the results follow from the induction hypothesis and (FEL4). □ 

Lemma A. 7. For any T-*-term P and T-term Q, f c (P,Q) has the same grammatical category 
as P and 

EqFFEL h f c (P, Q) = P J\Q. 

Proof. By (FEL4) it suffices to prove the claims for /f, i.e., that f1{P*,Q T ) has the same 
grammatical category as P* and that EqFFEL h /f(-P* ,Q T ) = P* J\ Q 1 . We prove this by 
induction on the number of ^-terms in P* . In the base case we deal with €-terms and the results 
follow from Lemma A.4 and (FEL4). 
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For the inductive cases we assume that the results hold for any *-term with fewer ^-terms 
than P* /\ Q d and P* V Q c . In the case of conjunctions the results follow from the induction 
hypothesis and (FEL4). In the case of disjunctions the grammatical claim follows from the 
induction hypothesis. For derivable equality we have: 

fl(P* V Q c , R T ) =P*\ ff(Q c , R T ) by definition 

= P* V (Q c J\ R T ) by induction hypothesis 
= P* V (Q c J\ (P T V T)) by Lemma A.l 

= (P* V Q c ) J\ (R T V T) by Lemma 2.4 (3) 

= (P* V Q c ) J\ R T . by Lemma A.l □ 

Lemma A.8. For any P,Q e FNF 7 / C (P, Q) is in FNF and 

EqFFEL h ,f(P, Q) = PJ\Q. 

Proof. By the four preceding lemmas it suffices to show that f c (P 1 J\ Q* , R T J\ S*) is in FNF and 
that EqFFEL h f c (P T J\Q*,R T J\S*) = (P T /\Q*)/\(R T /\S*). By (FEL4), in turn, it suffices to 
prove that / 3 C (P* , Q T J\ R*) is a *-term and that EqFFEL h f§(P* , Q T /\ R*) = P* /\ (Q T J\ R*). 
We prove this by induction on the number of ^-tcrms in R* . In the base case we have that 
/ 3 C (P*, Q T J\ R l ) = f^(P*,Q T ) J\ R e . The results follow from Lemma A.7 and (FEL4). 

For the inductive cases we assume that the results hold for all *-terms with fewer i?-terms 
than R* J\ S d and R* V S c . For conjunctions the result follows from the induction hypothesis 
and (FEL4) and for disjunctions it follows from Lemma A.7 and (FEL4). □ 



Theorem 2.7. For any P e FT, f(P) terminates, /(P) G FNF and EqFFEL h /(P) = P. 

Proof. By induction on the complexity of P. If P is an atom, the result is by (FEL5) and 
(FEL6). If P is T or F the result is by identity. For the induction we assume that the result 
holds for all FEL-terms of lesser complexity than P /\ Q and P V Q. The result now follows 
from the induction hypothesis, Lemma A. 3, Lemma A. 8 and (FEL2). □ 



A. 2 Correctness of g 

Theorem 2.16. For all P E FNF, #(fe(P)) = P. 

Proof. We first prove that for all T-terms P, g T (FE (P)) = P, by induction on P. In the base case 
P = T and we have (/ t (fe(P)) = .g T (T) = T = P. For the inductive case we have P = a V Q T 
and 

3 t (fe(P)) = 5 t (fe(Q t ) < a > fe(Q t )) by definition of fe 

= a V .g T (FE (Q T ) ) by definition of g T 

= a V Q T by induction hypothesis 

= P. 

Similarly, we see that for all F-terms P, £( F (fe(P)) = P, by induction on P. In the base case 
P = F and we have g F (FE(P)) = g F (F) = F = P. For the inductive case we have P = a J\ Q F 
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and 



/(fe(P)) ee /(fe(Q f ) < a > fe(Q f )) by definition of fe 

= aj\ 5 F (fe(Q f )) by definition of g F 

= a /\ Q f by induction hypothesis 

= P. 

Now we check that for all £-terms P, g i (FE(P)) = P. We observe that either P = a /\ Q T or 
P = -^a J\ Q T . In the first case we have 

/(fe(P)) ee /(fe(Q t ) < a > fe(Q t )[T he> F]) by definition of fe 

= aj\ 9 T ( FE (Q T )) by definition of g e 

= a J\ Q T as shown above 

= P. 

In the second case we have that 

/(fe(P)) ee /(fe(Q t )[T he> F] < a > FE(g T )) by definition of fe 

= J\ .g T (FE (Q T )) by definition of 

= /\ Q T as shown above 

EE P. 

We now prove that for all *-terms P, <?*(fe(P)) ee P, by induction on P modulo the com- 
plexity of ^-terms. In the base case we are dealing with ^-terms. Because an i-term has neither 
a cd nor a dd we have #*(fe(P)) ee <^(fe(P)) ee P, where the first equality is by definition of g* 
and the second was shown above. For the induction we have either P = Q/\RotP=Q\R. 
In the first case note that by Theorem 2.13, fe(P) has a cd and no dd. So we have 

3*(FE(P)) ee 0*(cdi(FE(P))pi i— > T, D 2 i— > F]) /\ 3 *(cd 2 (FE(P))) by definition of 5* 

ee 0*(fe(Q)) /\ <f (fe(P)) by Theorem 2.13 

= Q /\ R by induction hypothesis 
EE P. 



In the second case, again by Theorem 2.13, fe(P) has a dd and no cd. So we have that 

3 *(fe(P)) ee .g*(ddi(FE(P))pi h+ T,D 2 ^ F]) V <?*(dd 2 (FE(P))) by definition of g* 

ee 5 *(fe(Q)) V g*(FE(R)) by Theorem 2.13 

= Q \ R by induction hypothesis 

EE P. 

Finally, we prove the theorem's statement by making a case distinction on the grammatical 
category of P. If P is a T-term, then fe (P) has only T-leaves and hence #(fe (P)) ee # t (fe (P)) ee 
P, where the first equality is by definition of g and the second was shown above. If P is an F-term, 
then fe(P) has only F-leaves and hence (?(fe(P)) ee g F (FE(P)) ee P, where the first equality is 
by definition of g and the second was shown above. If P is a T-*-term, then it has both T and 
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F-leaves and hence, letting P = Q J\ R, 

5 (fe(P)) = ff T (tsd 1 (FE(P))p h-> T]) J\ 0*(tsd 2 (FE(P))) by definition of g 

= ,g T (FE(Q)) J\ 5 *(FE(i?)) by Theorem 2.15 

= Q J\ R as shown above 
= P, 

which completes the proof. □ 
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APPENDIX B 



Proofs for FSCL 



B.l Correctness of / 

In order to prove that / : ST — > SNF is indeed a normalization function we need to prove that 
for all SCL-terms P, f(P) terminates, f(P) e SNF and EqFSCL h f(P) = P. To arrive at 
this result, we prove several intermediate results about the functions /" and f c in the order 
in which their definitions were presented in Section 3.1. For the sake of brevity we will not 
explicitly prove that these functions terminate. To see that each function terminates consider 
that a termination proof would closely mimic the proof structure of the lemmas dealing with the 
grammatical categories of the images of these functions. 

Lemma B.l. For any P F and P T , EqFSCL hP F = P F /\i and EqFSCL hP T = P T< Vi. 

Proof. We prove both claims simultaneously by induction. In the base case we have F = F x 
by (SCL7). The base case for the second claim follows from that for the first claim by duality. 

For the induction we have (a*V P F ) </\ Q F = (aV P F ) J\ (Q F J\ x) by the induction hypothesis 
and the result follows from (SCL4). For the second claim we again appeal to duality. □ 

Lemma B.2. The following equations can all be derived by equational logic and EqFSCL. 



1. (x V T) J\ = -n((a: <V T) J\ y) 

2. (^(^(^ T))) T)) = ((x J\y)Vw)j\(zVT) 

3. (x V ((y V T) J\ (z j\ F))) «/\ ((w V T) J\ (z ^ F)) = ((x J\(wV T)) V (y V T)) ^ (z J\ F) 
I (x V ((y V T) J\ (z J\ F))) JK(w^F) = ((^x J\ (y <V T)) <V (w J\ F)) J\ (z J\ F) 



Proof. We derive the equations in order. 



(x <V T) J\ ^y 



= ^xJ\F)^y) 
= -((^F)V l/ ) 



by (SCL1), (SCL2) and (SCL3) 
by (SCL8) 
by (SCL9) 
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(^(^(zVT)))V(^(zVT)) 

- (Or J\ y) J\ (z <V T)) T)) by (SCL4) 
= ((x J\ y) V w) £ (z <V T) by the dual of (SCL10) 

(x V ((y V T) ^ (z ^ F))) ^ ((«, V T) ^ (z ^ F)) 

= (a: V ((y J\ F) V (z J\ F))) «/\ ((«, V T) ^ (z ^ F)) by (SCL9) 

- ((a V (y J\ F)) V (z ^ F)) ^ ((«, V T) ^ (z ^ F)) by the dual of (SCL4) 
= (-.(a; V (y </\ F)) <V (10 V T)) ^ (z ^ F) by Lemma 3.4 (1) 
= ((-« ("-l/ ^ T)) V (w V T)) ^ (z ^ F) by (SCL1), (SCL2) and (SCL3) 
= ((-« cA (y ^ T)) V (10 V T)) </\ (z </\ F) by the dual of (SCL8) 
= ((-.a; J\ (y V T)) V (to V (T V (y <V T)))) ^ (z J\ F) by the dual of (SCL7) 
= ((-.a; J\ (y V T)) V ((10 V T) V (y V T))) J\ (z ^ F) by the dual of (SCL4) 
= {{x J\ {w V T)) V (y V T)) J\(zJ\F) by the dual of Lemma 3.4 (1) 

(xV((yVT)^^F)))^(^F) 
= (-.a; V (w J\ F)) ^ (((y V T) ^ (z ^ F)) ^ (w ^ F)) by Lemma 3.4 (1) 

= (-a; <V (w J\ F)) ^ ((y H)^(z/\ F)) by (SCL7) and (SCL4) 
= ((-x V ( W J\ F)) ^ (y V T)) ^ (z ^ F) by (SCL4) 

- ((-a; J\ (y V T)) V ((«, J\ F) ^ (y V T))) ^ (z ^ F) by the dual of (SCL10) 

- ((-a; J\ (y V T)) V («; J\ F)) ^ (z ^ F) by (SCL7) and (SCL4) □ 

Lemma B.3. For all P e SNF 7 if P is a T-term then f n {P) is an F-term, if it is an F-term 
then f n (P) is a T-term, if it is a T-*-term then so is f n (P), and 

EqFSCL h f n (P) = -i P. 

Proof. We first prove the claims for T-terms, by induction on P T . In the base case /™(T) = F. 
It is immediate that /™(T) is an F-term. The claim that EqFSCL h f n (T) = is immediate 
by (SCL1). For the inductive case we have that f n ((a J\ P T ) V Q T ) = (a V f n (Q T )) J\ f n (P T ), 
where we assume that /™(P T ) and f n (Q T ) are F-terms and that EqFSCL h f n (P T ) = -P T and 
EqFSCL h /"(Q T ) = ^g T . It follows from the induction hypothesis that f n ((a J\ P T ) V Q T ) is 
an F-term. Furthermore, noting that by the induction hypothesis we may assume that /™(P T ) 
and f n (Q T ) are F-terms, we have: 

/"((a J\ P T ) V Q T ) - (a V f n (Q T )) J\ f n (P T ) by definition 

= (a V (.r(Q T ) ^ F)) j\ (/"(P T ) ^ F) by Lemma B.l 

= (-a V (f n (P T ) J\ F)) ^ (f n (Q T ) J\ F) by Lemma 3.4 (2) 

= (-a V /™(P T )) J\ f"(Q T ) by Lemma B.l 

= (-ia V ^P T ) </\ "'Q 7 by induction hypothesis 

= -((a </\ P T ) V Q T ). by (SCL2) and its dual 

For F-terms we prove our claims by induction on P F . In the base case f n (F) = T. It is 
immediate that /"(F) is a T-term. The claim that EqFSCL h f n (F) = ^F is immediate by the 
dual of (SCL1). For the inductive case we have that /"((aV P F )J\ Q F ) = (aj\ /™(Q F )) < V /™(P F ), 
where we assume that /™(P F ) and f n (Q F ) are T-tcrms and that EqFSCL h /"(P F ) = -P F and 
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EqFSCL h f n (Q F ) = -Q F . It follows from the induction hypothesis that /"((aV P F ) J\ Q F ) is a 
T-term. Furthermore, noting that by the induction hypothesis we may assume that /™(P F ) and 
f n (Q F ) are T-terms, the proof of derivably equality is dual to that for f n ((a J\ P T ) V Q T ). 

To prove the lemma for T-*-terms we first verify that the auxiliary function /" returns a 
*-term and that for any *-term P, EqFSCL h f{ L {P) = ->P. We show this by induction on the 
number of £-terms in P. For the base cases it is immediate by the above cases for T-terms and 
F-terms that /™(P) is a *-term. Furthermore, if P is an l-term with a positive determinative 
atom we have: 



A"((« cA P T ) V Q F ) = (-a ^ P(Q F )) V f n (P T ) by definition 

= cA (,r(Q F ) T)) V (.r(P T ) </\ F) by Lemma B.l 

= {pa V (f"(P T ) ^ F)) J\ (P(Q F ) V T) by Lemma 3.4 (3) 

= (-a V .f l (P T )) </\ .r(Q F ) by Lemma B.l 

= (-id V ^P T ) </\ by induction hypothesis 

= -((a </\ P T ) <V Q F ). by (SCL2) and its dual 

If P is an £-term with a negative determinative atom the proof proceeds the same, substituting 
for a and applying (SCL3) where needed. For the inductive step we assume that the result holds 
for all *-terms with fewer £-terms than P* </\ Q d and P* V Q c . We note that each application of 
/" changes the main connective (not occurring inside an £-term) and hence the result is a *-term. 
Derivable equality is, given the induction hypothesis, an instance of (the dual of) (SCL2). 

With this result we can now see that f n (P T J\ Q*) is indeed a T-*-term. We note that, by 
the above, Lemma B.l implies that ~^P T = ^P T </\ F. Now we find that: 

f n (P T ^Q*)=P T </\ A" (Q* ) by definition 

= P T J\ ~^Q* as shown above 

= (P T VT)(/\ ->Q* by Lemma B.l 

= -((P T< V T) J\ Q*) by Lemma B. 2 (1) 

= ^(P T J\Q*)- by Lemma B.l 

Hence for all P e SNF, EqFSCL h /™(P) = -P. □ 



Lemma B.4. For any T-term P and Q € SNF, f c (P, Q) has the same grammatical category as 
Q and 

EqFSCL h / C (P, Q) = P J\Q. 

Proof. By induction on the complexity of the T-term. In the base case we see that / C (T, P) = P, 
which is clearly of the same grammatical category as P. Derivable equality is an instance of 
(SCL5). 

For the inductive step we assume that the result holds for all T-terms of lesser complexity 
than aj\ P T . The claim about the grammatical category follows immediately from the induction 
hypothesis. For the claim about derivable equality we make a case distinction on the grammatical 
category of the second argument. If the second argument is a T-term, we prove derivable equality 
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as follows: 

f c ((aJ\P T )VQ T ,R T ) 

= (aj\ f c {P T , R T )) V f c (Q T , R T ) by definition 

= (a J\ (P T J\ R 1 )) V (Q T </\ R T ) by induction hypothesis 

= (aj\ (P T J\ (R J V T))) <V (Q T £ (R T <V T)) by Lemma B.i 

= ((a J\ P T ) V g T ) J\ (R T V T) by Lemma B.2 (2) 

= ((a J\ P T ) V g T ) </\ R T . by Lemma B.f 

If the second argument is an F-term, we prove derivable equality as follows: 

f c ((aJ\P T )VQ T ,R F ) 

= (a V ,f(Q T , R F )) </\ f c (P T , R F ) by definition 

= (aV (Q T J\ R F )) J\ (P T J\ R F ) by induction hypothesis 

= (a <V ((Q T <V T) ^ (R F ^ F))) ^ ((P T V T) ^ (i? F ^ F)) by Lemma A.l 

= ((a ^ (P T V T)) V (Q T V T)) ^ (i? F ^ F)) by Lemma B.2 (3) 

= ((a J\ P T ) V Q T ) </\ i? F . by Lemma A.l 

If the second argument is T-*-term, the result follows from the case where the second argument 
is a T-term and (SCL4). □ 

Lemma B.5. For any F-term P and Q <G SNF ; f c (P,Q) is a F-term and 

EqFSCL h/ c (P,Q) =Pj\Q. 

Proof. The grammatical result is immediate and the claim about derivable equality follows from 
Lemma B.I, (SCL4) and (SCL7). □ 

Lemma B.6. For any T-*-term P and T-term Q, f c (P,Q) has the same grammatical category 
as P and 

EqFSCL h f c (P, Q) = P J\ Q. 

Proof. By (SCL4) it suffices to prove the claims for /f, i.e., that fi(P*,Q T ) is a *-term and that 
EqFSCL h /f(P*, Q T ) = P* J\ Q J . We prove this by induction on the number of ^-tcrms in P* . 
In the base case we deal with £-terms and the grammatical claim follows from Lemma B.4. We 
prove derivable equality as follows, letting a <G {a, ^a}: 

ff((a J\ P T ) V Q F , R T ) = (a J\ ,f (P T , R T )) <V Q F by definition 

= (aj\ (P T J\ R T )) V Q F by Lemma B.4 

= ((^P T )M T )^ F by(SCL4) 

= ((a J\ P T ) J\ (R T V T)) V (Q F J\ F) by Lemma B.I 

= ({a J\ P T ) V (Q F J\ F)) J\ (R J V T) by Lemma 3.4 (3) 

= ({a J\ P T ) V Q F ) J\ R T . by Lemma B.I 

For the induction step we assume that the result holds for all *-terms with fewer ^-terms 
than P* J\ Q d and P* V Q c . In the case of conjunctions the results follow from the induction 
hypothesis and (SCL4). In the case of disjunctions the results follow immediately from the 
induction hypothesis, Lemma B.I and the dual of (SCL10). □ 
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Lemma B.7. For any T-*-term P and F-term Q, f c {P,Q) is an F-term and 

EqFSCL h f°(P, Q) = P J\ Q. 

Proof. By Lemma B.4 and (SCL4) it suffices to prove that /|(P*,Q F ) is an F-term and that 
EqFSCL h f£(P*,Q F ) = P* </\ Q F ■ We prove this by induction on the number of £-terms in P*. 
In the base case we deal with ^-terms and the grammatical claim follows from Lemma B.4. We 
derive the remaining claim for l-terms with positive determinative atoms as: 

f c 2 ((a <A P T ) V Q F , R F ) = (a V Q F ) J\ ,f (P T , R F ) by definition 

= (a V Q F ) J\ (P T J\ R F ) by Lemma B.4 

= ({a^ Q F ) ^ P T ) ^ R F by(SCL4) 

= ((a V (Q F </\ F)) J\ (P T V T)) ^ P F by Lemma B.l 

= ((a ^ (P T V T)) <V (Q F ^ F)) ^ P F by Lemma 3.4 (3) 

= ((a </\ P T ) V Q F ) J\ R F . by Lemma B.l 

For £-terms with negative determinative atoms we derive: 

./• 2 c (H^P T )VQ F ,i? F ) 

= (a V f c (P T , R F )) J\ Q F by definition 

= (a V (P T <A i? F )) <A Q F by induction hypothesis 

= (a V ((P T V T) ^ (P F ^ F))) J\ (Q F J\ F) by Lemma B.l 

= ((-a J\ (P T V T)) V (Q F J\ F)) ^ (P F ^ F) by Lemma B.2 (4) 

= ((-a </\ P T ) V Q F ) </\ P F . by Lemma B.l 

For the induction step we assume that the result holds for all *-terms with fewer £-terms 
than P* J\ Q d and P* V Q c . In the case of conjunctions the results follow from the induction 
hypothesis and (SCL4). In the case of disjunctions note that by Lemma B.3 and the proof of 
Lemma B.6, we have that /"(/f (P*, f n (R ))) is a *-terms with same number of £-terms as P*. 
The grammatical result follows from this fact and the induction hypothesis. Furthermore, noting 
that by the same argument f n (fi(P* J n (R F ))) = ->(P* <A -P F ), we derive: 

fi(P* V g c , P F ) = / 2 c (.r(A c (P*, /"(P F ))), fi(Q c , P F )) by definition 

= P(fZ(P*,f n (R F ))) <A (Q c <A b y induction hypothesis 

= ^( p * <A ^^ F ) <A (Q c <A ^ F ) as shown above 

= (^P* V P F ) J\ (Q c J\ R F ) by (SCL3) and (SCL2) 

= (-.P* V (P F J\ F)) <A (Q c cA (P F (A F)) by Lemma B.l 

= (P* V Q c ) </\ (P F J\ F) by Lemma 3.4 (1) 

= (P* V g c ) </\ P F . by Lemma B.l 

This completes the proof. □ 

Lemma B.8. For any P, Q e SNF, / C (P, Q) is in SNF and 

EqFSCL h / C (P, Q) = P J\Q. 
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Proof. By the four preceding lemmas it suffices to show that f c (P J </\ Q* , P T </\ S*) is in SNF and 
thatEqFSCLh/ c (P T ^g*,i? T ^5'*) = (P T J\ Q*)J\ (R T J\ S*). By (SCL4), in turn, it suffices to 
prove that f§(P* , Q T J\ R*) is a *-term and that EqFSCL h f§(P* , Q T J\ R*) = P* J\ (Q T J\ R*). 
We prove this by induction on the number of i-terms in R* . In the base case we have that 
/ 3 C (P*, Q T J\ R l ) = /f(P*, Q T ) J\ R e . The results follow from Lemma B.6 and (SCL4). 

For conjunctions the result follows from the induction hypothesis and (SCL4) and for dis- 
junctions it follows from Lemma B.6 and (SCL4). □ 

Theorem 3.7. For any P € ST, f(P) terminates, f(P) G SNF and EqFSCL h f(P) = P. 

Proof. By induction on the complexity of P. If P is an atom, the result is by (SCL5), (SCL6) 
and its dual. If P is T or F the result is by identity. For the induction we get the result by 
Lemma B.3, Lemma B.8 and (SCL2). □ 



B.2 Correctness of g 

Theorem 3.17. For all P e SNF, g(SE(P)) = P. 

Proof. We first prove that for all T-terms P, <? t (se(P)) ee P, by induction on P. In the base 
case P = T and we have </ t (se(P)) ee ,g T (T) = T = P. For the inductive case we have 
P = (a J\ Q T ) V R T and 

g T (SE(Pj) = ff T (SE(Q T ) < a > Se(R t )) by definition of SE 

= (a J\ ,g T (SE(Q T ))) V g T (SE(i? T )) by definition of g T 

= (a J\ Q T ) V R T by induction hypothesis 

= P. 

Similarly we see that for all F-terms P, g f (SE(P)) = P, by induction on P. In the base case 
P = F and we have g f (SE (P)) = g F (F) = F = P. For the inductive case we have P = (a^/Q F )j\R F 
and 

g F (SE(P)) = /(SE(i? F ) < a > SE(Q F )) by definition of SE 

= (a V ,g F (SE(Q F ))) J\ ,g F (SE(i? F )) by definition of g F 

= (a V Q F ) j\ R F by induction hypothesis 
= P. 

Now we check that for all ^-tcrms P, g e (SE (P)) = P. We observe that either P = (aJ\Q T ) c ^ R F 
or P = (-ia ^ Q T ) V i? F . In the first case we have 

g e (SE (P)) = /(SE (g T ) < a > SE (P F )) by definition of SE 

ee (aj\ g T (SE(Q T ))) V /(se(P f )) by definition of g l 

= (a J\ Q T ) V R F as shown above 

EE P. 

In the second case we have that 

/(se(P)) = /(se(P f ) < a > SE(Q T )) by definition of SE 

ee (-, a ^ 5 T (SE(g T ))) V 5 f (se(P f )) by definition of g l 

ee (j~id ^\ Q T ) V R F as shown above 

EE P. 
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We now prove that for all *-terms P, g*(SE(P)) = P, by induction on P modulo the com- 
plexity of ^-terms. In the base case we are dealing with £-terms. Because an £-teim has neither 
a cd nor a dd we have g*(SE(P)) = </(se(P)) = P, where the first equality is by definition of g* 
and the second was shown above. For the induction we have either P=Q ( ^\RoyP = Q'VR. 
In the first case note that by Theorem 3.13, Se(P) has a cd and no dd. So we have 

<?*(SE(P)) = 3 *(cdi(SE(P))p ^ T]) J\ 5st (cd 2 (SE(P))) by definition of g* 

= g*(SE(Q)) J\ 5 *(se(P)) by Theorem 3.13 

= Q J\ R by induction hypothesis 
= P. 



In the second case, again by Theorem 3.13, P has a dd and no cd. So we have that 

5 *(se(P)) =s*(ddi(SE(P))p i-> F])V #*(dd 2 (SE(P))) by definition of g* 

= g*{SE(Q)) <V ff *(SE(P)) by Theorem 3.13 

= Q V R by induction hypothesis 

= P. 

Finally, we prove the theorem's statement by making a case distinction on the grammatical 
category of P. If P is a T-term, then Se(P) has only T-leaves and hence g(SE(P)) = (/ t (se(P)) = 
P, where the first equality is by definition of g and the second was shown above. If P is a F-term, 
then Se(P) has only F-leaves and hence g(SE(P)) = g F (SE(P)) = P, where the first equality is 
by definition of g and the second was shown above. If P is a T-*-term, then it has both T and 
F-leaves and hence, letting P = Q J\ R, 

ff(SE(P)) = ,g T (tsd 1 (SE(P))p i y T]) J\ , 9 *(tsd 2 (SE(P))) by definition of g 

= ,g T (SE(Q)) J\ 5 *(se(P)) by Theorem 3.16 

= Q J\ R as shown above 

= P, 

which completes the proof. □ 
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